The FBI warns that North Korean IT workers continue targeting U.S. businesses to obtain fraudulent employment, access company networks, and generate revenue for the DPRK in violation of U.S. and U.N. sanctions. The activity relies on identity obfuscation and U.S.-based facilitators who receive company laptops, provide U.S. internet connections, enable remote desktop access, reship devices overseas, and help create job-site, financial, and front-business infrastructure. Facilitators may also attend virtual interviews or meetings, purchase web services such as AI models and background-check tools, and share proceeds from the employment schemes. The guidance matters because remote and outsourced IT hiring can give DPRK workers unauthorized access to corporate systems while disguising their location and identity.