The U.S. Justice Department has announced a significant crackdown on North Korean cybercrime operations, securing five guilty pleas and initiating civil forfeiture actions totaling over $15 million against schemes orchestrated by the Democratic People’s Republic of Korea (DPRK).
The elaborate fraud network impacted more than 136 American companies, generating $2.2 million for the North Korean regime while compromising the identities of over 18 U.S. citizens.
Fraudulent IT Worker Scheme Exposed
Court documents reveal that facilitators in the United States and Ukraine helped North Korean actors secure remote IT positions with U.S. companies through sophisticated identity theft operations.
The schemes involved providing false or stolen identities and hosting company-provided laptops at U.S. residences to create the illusion that workers were operating domestically.
“These actions demonstrate the Department’s comprehensive approach to disrupting North Korean efforts to finance their weapons program on the backs of Americans,” said Assistant Attorney General for National Security John A. Eisenberg.
In Georgia, three U.S. nationals, Audricus Phagnasay, 24, Jason Salazar, 30, and Alexander Paul Travis, 34, pleaded guilty to wire fraud conspiracy charges.
Between September 2019 and November 2022, they provided their identities to overseas IT workers.
They hosted company laptops at their residences and installed unauthorized remote access software. Travis, an active-duty U.S. Army member, received at least $51,397, while the scheme generated approximately $1.28 million in total salary payments.
Ukrainian national Oleksandr Didenko pleaded guilty in Washington, D.C., to wire fraud conspiracy and aggravated identity theft for stealing U.S. citizens’ identities and selling them to overseas IT workers, including North Koreans.
His operation enabled fraudulent employment at 40 U.S. companies, and he agreed to forfeit more than $1.4 million in seized assets.
In Florida, Erick Ntekereze Prince, 30, pleaded guilty to wire fraud conspiracy for supplying allegedly “certified” IT workers through his company, Taggcar Inc.
Between June 2020 and August 2024, Prince earned more than $89,000 while facilitating a scheme that generated over $943,000 in fraudulent payments.
The Justice Department filed civil forfeiture complaints seeking to forfeit over $15 million in USDT cryptocurrency seized from the North Korean military hacking group APT38.
The confiscated funds relate to four major heists in 2023 targeting virtual currency platforms in Estonia, Panama, and Seychelles, collectively resulting in approximately $382 million in digital assets being stolen.
Assistant Director Roman Rozhavsky of the FBI’s Counterintelligence Division urged private-sector partners to improve security processes for vetting remote workers, emphasizing that the FBI will pursue enablers regardless of location.
These prosecutions are part of the DPRK RevGen: Domestic Enabler Initiative, a joint effort by the National Security Division and the FBI to disrupt North Korea’s illicit revenue generation schemes.
Follow us on Google News, LinkedIn, and X to Get Instant Updates and set GBH as a Preferred Source in Google.