US 'laptop farm' man accused of outsourcing his IT jobs to North Korea to fund weapons programs

American and Brit firms thought they were employing a Westerner, but not so, it's alleged


The FBI today arrested a Tennessee man suspected of running a "laptop farm" that got North Koreans, posing as Westerners, IT jobs at American and British companies.

It's claimed this swindle helped generate cash toward Pyongyang's weapons programs.

According to US prosecutors, Matthew Isaac Knoot, 38, of Nashville, defrauded multiple US and UK companies by applying for remote technology jobs, and then secretly outsourced those jobs to North Koreans.

From July 2022 to August 2023, Knoot worked at an unspecified number of "US media, technology, and financial companies," which thought they had hired one Andrew M, a US citizen whose identity had been stolen, it is claimed.

Those firms allegedly sent Knoot work laptops that he subsequently set up so that Norks could remotely log into them and do his work for him. That would be the alleged laptop farm. It saves having to ship PCs off to North Korea or similar places and have people there use VPNs or equivalent to cover up the true location of the machines.

Prosecutors allege the laptops in this case were pooled in the US by Knoot, and North Korean ghost workers connected in remotely to do the work he was tasked with. As far as the UK and US employers were concerned, they were employing a guy in America using American broadband.

It's claimed each of those outsourced jobs raked in more than $250,000 over that period of a year or so, and that the money went via North Korean and Chinese accounts to the Kim Jong Un government.

The North Korean regime's industrial-scale use of laptop farming generates hundreds of millions annually, and exists to fund the impoverished hermit nation's programs to develop weapons of mass destruction, according to the Justice Dept.

(It's very interesting to see Uncle Sam repeatedly assert a connection between sanctions-busting outsourced IT workers and the funding of weapons of annihilation.)

Knoot was allegedly paid every month by a person named Yang Di for keeping his part of the scam running; prosecutors don't go into too much detail about who Di is, merely saying that he paid Knoot and that he was involved to some degree.

The alleged swindle may have chugged along to this day and beyond, were it not for the Feds searching Knoot's home and shutting down what's said to be a laptop farm in August last year.

It goes unsaid how long ago the FBI caught wind of Knoot's alleged misdeeds, though it might have something to do with the Nashville resident allegedly reporting his income to the IRS in Andrew M's name. It's possible the tax agency thought it was a little weird that one person was working multiple six-figure jobs at the same time.

In addition to allegedly siphoning all that employment income from the defrauded firms, investigations into Knoot and Di and subsequent clean-up work apparently cost those businesses half a million bucks.

Knoot is charged with a variety of crimes, including conspiracy to unlawfully employ foreigners. The Tennessee citizen could face up to 20 years in prison, with a minimum of two years if he's at least convicted of aggravated identity theft.

"As alleged, this defendant facilitated a scheme to deceive US companies into hiring foreign remote IT workers who were paid hundreds of thousands of dollars in income funneled to the Democratic People's Republic of Korea for its weapons program," thundered Assistant Attorney General Matthew Olsen.

"This indictment should serve as a stark warning to US businesses that employ remote IT workers of the growing threat from the DPRK and the need to be vigilant in their hiring processes."

The Feds have been working to disrupt and dismantle despotic Kim's laptop farms for some time now. In May, an Arizona woman was snared for allegedly infiltrating over 300 companies to acquire jobs for North Koreans. Her scheme made $6.8 million, it was claimed. ®
