For years, security teams focused on defending against malicious code injected into open source projects and package repositories. At Sonatype, we’ve tracked espionage campaigns, shadow downloads, and targeted malware designed to compromise development environments.
But the threat landscape is shifting. In a troubling new development, hostile nation-state threat actors are no longer content with attacking software from the outside. Instead, they are embedding themselves inside the teams that create it.
A recent CrowdStrike report, highlighted by Fortune, sheds light on the alarming scale of this tactic. Over the past year, North Korean IT operatives, disguised as legitimate software developers, have successfully infiltrated over 320 companies — a staggering 220% increase compared to the previous year. Their targets span the globe, from Fortune 500 corporations to smaller tech firms, and their toolkit now includes an unexpected weapon: artificial intelligence (AI).
The Tactic: Becoming the Developer
The North Korean program, codenamed “Famous Chollima” by CrowdStrike, trains thousands of operatives in software engineering, English proficiency, and Western business norms.
These operatives work in teams, often based in third-party countries like China, Russia, and Poland, and each is tasked with earning upwards of $10,000 per month for the regime.
The scheme has several goals:
- Generate revenue to evade sanctions and fund weapons programs (estimated at $250M to $600M per year).
- Gain insider access to software projects, potentially handing intelligence or backdoor access to other cyber units.
- Embed long-term within corporate development teams to exfiltrate intellectual property or strategically sabotage operations.
This is not just a simple malware attack. It’s about establishing and maintaining a presence within the software development process. And that matters because developers have privileged access to an organization’s most critical assets: code and build systems.
Developers are the new perimeter. When threat actors embed themselves directly into development infrastructure, they obtain a critical entry point to insert malicious code, exfiltrate intellectual property, or quietly undermine the integrity of the software supply chain.
AI as a Force Multiplier
AI is now central to every stage of this infiltration strategy:
- Identity fabrication: Deepfake photos, forged documents, and synthetic personas help bypass human resources checks and balances.
- Interview assistance: AI-guided answers to technical questions and real-time deepfake masking during video calls allow operatives to convincingly play multiple personas.
- On-the-job performance: AI chatbots help operatives write code, respond in Slack, and manage multiple jobs simultaneously, without revealing their real identity or location.
This is the same AI-powered social engineering evolution we have observed in phishing and malware campaigns, but now it’s aimed directly at the hiring process and ongoing collaboration within development teams.
From Laptop Farms to Global Networks
While U.S. law enforcement has disrupted many “laptop farm” operations domestically, the model is spreading internationally.
Operations have shifted to Western Europe, where laptops are shipped to centralized locations under false pretenses (“family emergencies” or “medical leave”), before being remotely accessed by operatives abroad.
This tactic means a company could hire what they believe is a Romanian or Polish developer, only for the hardware and credentials to be in the hands of a North Korean operative within days.
Why This Matters for Software Security
We tend to think of software supply chain security in terms of code artifacts — packages, dependencies, and commits.
But this evolving trend underscores a sobering reality: the human element is also part of the software supply chain. If an adversary is already a developer within a company, every pull request, architecture discussion, and CI/CD pipeline is at risk.
The boundaries between insider threat, nation-state espionage, and software supply chain compromise are collapsing.
Defensive Shifts: From Code-First to People-First
To defend against this class of threat, organizations need to extend “zero trust” principles from infrastructure and applications to their hiring and personnel practices:
- Rigorous Identity Verification: Verify references, employment history, and contact details independently through reliable sources, rather than relying solely on information provided by the applicant.
- Geographic and Device Controls: Closely monitor shipping addresses and device handoffs, especially for remote hires in high-risk regions.
- Access Minimization: Apply “need-to-know” principles to development environments — limit permissions, enforce time-bound access, and monitor activity for anomalies.
- Ongoing Verification: Don’t assume trust is permanent. Periodic re-verification of identities and device locations can catch later-stage compromises.
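As an added illustration (not Sonatype's code or tooling), the device, access, and re-verification controls above can be expressed as a recurring audit over HR and access records. The record fields, the 90-day grant limit, and the 180-day re-verification interval are assumptions made for this example, and the sample records are constructed.

```python
from datetime import date, timedelta

MAX_GRANT_DAYS = 90    # assumed policy: access grants expire within 90 days
REVERIFY_DAYS = 180    # assumed policy: identity re-verified every 180 days

# Constructed sample records; every field name here is hypothetical.
HIRES = [
    {"user": "dev-a", "declared_country": "PL", "ship_country": "PL",
     "login_countries": {"PL"}, "last_verified": date(2025, 6, 1),
     "grants": [{"repo": "payments", "expires": date(2025, 9, 1)}]},
    {"user": "dev-b", "declared_country": "RO", "ship_country": "DE",
     "login_countries": {"DE", "CN"}, "last_verified": date(2024, 11, 1),
     "grants": [{"repo": "build-infra", "expires": None}]},
]

def audit(hire, today):
    """Return the list of control violations for one hire record."""
    findings = []
    # Geographic and device controls: laptop shipped somewhere other than
    # the country the hire declared during onboarding.
    if hire["ship_country"] != hire["declared_country"]:
        findings.append("ship_mismatch")
    # Ongoing verification: device seen outside the country it was shipped to.
    if hire["login_countries"] - {hire["ship_country"]}:
        findings.append("login_outside_ship_country")
    if today - hire["last_verified"] > timedelta(days=REVERIFY_DAYS):
        findings.append("reverify_overdue")
    # Access minimization: every grant must carry a near-term expiry.
    for grant in hire["grants"]:
        expires = grant["expires"]
        if expires is None:
            findings.append(f"no_expiry:{grant['repo']}")
        elif expires < today:
            findings.append(f"expired_not_revoked:{grant['repo']}")
        elif expires - today > timedelta(days=MAX_GRANT_DAYS):
            findings.append(f"grant_too_long:{grant['repo']}")
    return findings

def audit_all(hires, today):
    """Map each user to their findings; an empty list means no violations."""
    return {h["user"]: audit(h, today) for h in hires}

if __name__ == "__main__":
    for user, findings in audit_all(HIRES, date(2025, 8, 1)).items():
        print(user, findings or "ok")
```

A finding is a prompt for human follow-up, not proof of compromise: legitimate travel or a relocation will also trigger the location checks.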
The Bigger Picture
This wave of infiltrations is not just about North Korea; it is also part of a broader evolution in how adversaries target software development.
Our research on AI and open source malware shows that generative AI accelerates both defense and attack. It helps defenders catch threats sooner, but also gives attackers tools to scale their methods.
At Sonatype, we believe that securing the software supply chain requires a focus on both the code and the people behind it. The diligence used in scanning dependencies and vetting packages must now extend to the human element of development, ensuring a comprehensive approach to protection.
The future of secure software development depends on it.