The U.S. Justice Department announced major actions against North Korean cybercrime, including five people admitting guilt and the government taking more than $15 million in property linked to the crimes.
These operations reveal how the Democratic People’s Republic of Korea (DPRK) uses fraudulent IT workers and cryptocurrency heists to fund its weapons programs while evading international sanctions.
Facilitators in the United States and Ukraine helped North Korean actors secure remote IT jobs with American companies.
The scheme involved using stolen or false identities and hosting company-provided laptops at U.S. residences to create the false appearancethat workers were based in the U.S.
This elaborate fraud impacted more than 136 U.S. companies, generating over $2.2 million in revenue for the North Korean regime and compromising the identities of over 18 American citizens.
According to the Justice Department, five individuals have admitted they are guilty of their roles in these schemes.
Three U.S. nationals, Audricus Phagnasay, Jason Salazar, and Alexander Paul Travis, admitted to providing their identities to overseas IT workers and hosting laptops at their homes.
Travis, an active-duty U.S. Army member at the time, received at least $51,397 for his participation. Their scheme alone earned approximately $1.28 million from victim companies.
Ukrainian national Oleksandr Didenko pleaded guilty to stealing U.S. citizen identities and selling them to overseas IT workers, enabling fraudulent employment at 40 U.S. companies.
Didenko agreed to forfeit more than $1.4 million. Additionally, Erick Ntekereze Prince admitted to supplying falsely certified IT workers through his company, earning over $89,000.
Separately, the Justice Department went to court to get back over $15 million in cryptocurrency stolen by APT38, a North Korean military hacking group.
The group executed four major heists in 2023, stealing virtual currency from platforms in Estonia, Panama, and Seychelles, totaling approximately $382 million.
These enforcement actions demonstrate the government’s comprehensive approach to disrupting North Korean revenue generation schemes that fund weapons development and threaten national security.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
