A viral video circulating online has exposed a striking method to identify North Korean IT workers posing as legitimate candidates for remote jobs at Western companies. The footage captures an interviewer asking a job applicant to insult North Korean leader Kim Jong Un, a request that visibly unsettles the candidate before they abruptly exit the call.
The tactic hinges on a cultural and legal reality: insulting Kim Jong Un is illegal in North Korea and can lead to severe punishment. This ideological barrier serves as a filter, often stopping suspected impostors in their tracks during the hiring process. In the video, the applicant is asked to say, “Kim Jong Un is a fat ugly pig,” a demand that leaves them flustered and unable to comply before they disconnect.
For years, North Korean operatives have secured remote positions at hundreds of companies in the U.S. and Europe by using fake resumes and, in some cases, collaborating with American intermediaries. These hires violate strict sanctions imposed by Western governments due to North Korea’s prohibited nuclear weapons program, creating a persistent challenge for firms unaware of their employees’ true origins.
While the insult test has proven effective in certain instances, it is not foolproof. North Korean IT workers based in countries like China or Russia, where supervision by the regime may be less stringent, are sometimes able to evade such tactics. This limitation highlights the need for more robust cybersecurity measures as companies grapple with the infiltration of sanctioned individuals into their workforces.
The broader implications of this issue extend beyond individual hires. North Korea’s efforts to embed workers in tech roles often tie into larger cyber operations, including hacking and data theft, which have targeted everything from open-source projects to critical infrastructure in recent months. As of April 2026, the ongoing sophistication of these schemes continues to test the defenses of global tech industries.
The viral video serves as a stark reminder of the lengths to which North Korea will go to bypass international restrictions. With remote work expanding opportunities for such deception, companies face mounting pressure to refine their vetting processes. The incident captured in the clip, dated April 6, 2026, underscores a vulnerability that has yet to be fully addressed, with potentially millions in revenue and sensitive data at stake.
Information for this story was found via the sources and companies mentioned. The author has no securities or affiliations related to the organizations discussed. Not a recommendation to buy or sell. Always do additional research and consult a professional before purchasing a security. The author holds no licenses.
