During Fisker’s short time as a functional car company, it really couldn’t help but do weird shit. Now, as it turns out, the dead automaker accidentally employed a North Korean spy on its technology team. No, I’m not joking.
The spy wasn’t there to learn about the inner workings and secrets of Fisker. That wouldn’t have been worth his time. Instead, according to Danish magazine the Engineer and reported by InsideEVs, the North Koreans wanted in at Fisker as part of an elaborate money laundering scheme. The money used to pay that employee also went to the worst place imaginable: North Korea’s ballistic missile program. You couldn’t make this shit up if you tried.
Here’s how this bizarre and troubling situation came to be, according to InsideEVs:
It all started in October 2022 when Fisker hired a remote IT employee named Kou Thao. The employee listed his home address as a house in Arizona. Nothing screamed subterfuge to Fisker. After all, it’s not out of the ordinary for a global company to contract with or hire remote IT workers. Except there was an elaborate scam happening behind the scenes that nobody caught, because it wasn’t Thao who lived there—it was a woman named Christina Chapman.
Once hired, the companies shipped a laptop to Chapman’s Arizona residence addressed to the fake identity. Chapman would allegedly arrange to set up the laptops in the home-grown laptop farm so they could be used by the North Korean threat actors who accessed the computers remotely from Russia and China. The agents would have their paychecks shipped to the Chapman and ultimately funneled back to their home country to avoid the sanctions otherwise imposed on the DPRK. Reportedly, Chapman also assisted by procuring, delivering, and signing forged documents.
The FBI and other U.S. government agencies became aware of the orchestrated scam. They began issuing advisories and guidance on the ongoing threat to help safeguard other companies and the public. When it became aware that Fisker was a victim, a local field office reached out to warn the automaker—that’s when Fisker dug into the employee and subsequently terminated his employment in September 2023.
At this point, Thao’s involvement with Fisker ends, but InsideEVs says this isn’t always where North Korea stops scamming. They play their “trump card” when threat actors are fired. These folks would – when not working – abuse their privileged access to internal systems. From there, they would exfiltrate sensitive data before they are fired. You can see where this is going. They then use that information to extort the company by demanding ransom payments.
To save Fisker some embarrassment, it doesn’t seem to the be only automaker caught up in North Korea’s scheme. From the looks of it, it’s one of the Big Three, as InsideEVs explains:
Another, simply identified in a DOJ filing as “a Fortune 500 iconic American automotive manufacturer located in Detroit, Michigan,” had a North Korean operative contracted through a staffing agency where they earned $214,596—though it’s not clear just how much the spy earned through the Fisker or the unnamed automaker alone.
Preliminary complaints uncovered $6,323,417 in ill-gotten wages between 2021 and 2023 from companies in the automotive, technology, cybersecurity, aerospace, media, retail, and food delivery industries. In total, the DOJ revealed that more than 60 identities were used in the scheme. The total wages eventually reached over $6.8 million and impacted more than 300 U.S. companies. The bad actors also attempted to gain access to positions contracted with the U.S. government, including the Department of Homeland Security, Immigration and Customs Enforcement, and the General Services Administration.
When reached for comment, Fisker CEO Henrik Fisker told The Engineer that he had no comment as the case “is with the FBI.” The company denied knowing of any material cybersecurity threats in its 2023 year-end report despite reportedly being alerted of the nation-state actor from North Korea employed in its IT team for more than a year.
“In 2023, we did not identify any cybersecurity threats that have materially affected or are reasonably likely to materially affect our business strategy, results of operations, or financial condition.” wrote Fisker in its 2023 annual report filed with the U.S. Securities and Exchange Commission.
In the end, none of this really had any effect on Fisker – the automaker had much more pressing existential threats to deal with, but it’s still pretty damn wild. The next time you fall for a phishing scam, don’t feel too bad. In a way, Fisker did too.