Risky Business Features What happens after North Korea infiltrates?
Apr 8, 2026
Geoff White, investigative journalist who co-created the Lazarus Heist series, unpacks North Korea’s IT infiltration scheme. He describes interview tricks, deepfakes and laptop farms. He outlines how hires funnel work to hacker units, launder salaries and route funds toward regime priorities. The picture is more methodical and diabolical than headlines suggest.
AI Snips
Chapters
Books
Transcript
Episode notes
North Korea Shifted From Loud Hacks To Job Infiltration
- North Korea pivoted from noisy mass hacks to infiltrating remote IT jobs to gain persistent access and easier payouts.
- Crypto firms were initial targets because they hired remotely, paid in crypto, and did lax identity checks, letting operatives get paid and launder funds quickly.
Interviews Are Passed With Deepfakes And Live Coaching
- Passing interviews required new tradecraft: deepfakes, coached proxies, and live feeders to answer interview questions.
- Geoff White cites Aidan Rainey's case where a proxy was coached live to pass the interview and secure the job.
Laptop Farmer Christina Chapman Took Delivery Of 72 Laptops
- Christina Chapman ran a laptop farm taking delivery of dozens of corporate laptops that connected back to DPRK.
- She kept 72 laptops, was paid to forward credentials and checks, and later pleaded guilty and was convicted.
