5 individuals have pleaded responsible to serving to North Koreans defraud U.S. firms by posing as distant IT employees, the U.S. Division of Justice (DOJ) introduced on Friday.
The 5 individuals are accused of working as “facilitators” who helped North Koreans get jobs by offering their very own actual identities, or false and stolen identities of greater than a dozen U.S. nationals. The facilitators additionally hosted company-provided laptops of their properties throughout the U.S. to make it seem like the North Korean employees lived domestically, in response to the DOJ press launch.
These actions affected 136 U.S. firms and netted Kim Jong Un’s regime $2.2 million in income, mentioned the DOJ.
The newest spherical of responsible pleas is a part of a years-long effort by American authorities to disrupt North Korea’s means to generate profits from cybercrime. For years, North Korea has efficiently infiltrated a whole bunch of Western firms posing as distant IT employees — in addition to traders and recruiters — as a part of a scheme to fund its internationally sanctioned nuclear weapons program. Lately, the U.S. authorities has fought again, indicting individuals concerned within the scheme, and imposing sanctions on worldwide fraud networks.
“These prosecutions make one level clear: america is not going to allow [North Korea] to bankroll its weapons applications by preying on American firms and employees,” U.S. Lawyer Jason A. Reding Quiñones mentioned in a press launch. “We’ll hold working with our companions throughout the Justice Division to uncover these schemes, get well stolen funds, and pursue each particular person who allows North Korea’s operations.”
Three of the individuals — U.S. nationals Audricus Phagnasay, Jason Salazar, and Alexander Paul Travis — every pleaded responsible to 1 depend of wire fraud conspiracy.
Prosecutors accused the three of serving to North Koreans posing as reliable IT employees, whom they knew labored outdoors of america, to make use of their very own identities to acquire employment, helped them remotely entry their company-issued laptops arrange of their properties, and in addition helped the North Koreans move vetting procedures, akin to drug checks.
Techcrunch occasion
San Francisco
|
October 13-15, 2026
Travis, who prosecutors mentioned was an energetic servicemember of the U.S. Military on the time of the scheme, earned greater than $50,000 for these actions, whereas Phagnasay and Salazar have been paid at the least $3,500 and $4,500, respectively. The scheme noticed U.S. firms pay round $1.28 million in salaries, most of which was despatched to the North Korean IT employees abroad, per the DOJ.
The fourth U.S. nationwide who pleaded responsible is Erick Ntekereze Prince, who ran an organization known as Taggcar, which provided to U.S. firms allegedly “licensed” IT employees however whom he knew labored outdoors of the nation and have been utilizing stolen or pretend identities. Prince additionally hosted laptops with distant entry software program at a number of residences in Florida, and earned greater than $89,000 for his work, the DOJ mentioned.
One other participant within the scheme who pleaded responsible to 1 depend of wire fraud conspiracy and one other depend of aggravated id theft is Ukrainian nationwide Oleksandr Didenko, who prosecutors accuse of stealing U.S. residents’ identities and promoting them to North Koreans so they might get jobs at greater than 40 U.S. firms.
In keeping with the press launch, Didenko earned a whole bunch of 1000’s of {dollars} for this service. Didenko agreed to forfeit $1.4 million as a part of his responsible plea.
The DOJ additionally introduced that it had frozen and seized greater than $15 million in cryptocurrency stolen in 2023 by North Korean hackers from a number of crypto platforms.
Crypto firms, exchanges, and blockchain tasks, have change into one of many favourite targets for North Korean hackers, who stole greater than $650 million in crypto in 2024, and greater than $2 billion to this point this yr.
