Two US nationals were jailed this week for their roles in North Korean IT worker schemes that caused millions in damages to US companies.
The individuals, Kejia Wang, 42, of Edison, New Jersey, and Zhenxing Wang, 39, of New Brunswick, New Jersey, were charged in June 2025, when the US stormed 29 laptop farms across 16 states.
According to court documents, between 2021 and 2024, the two individuals and their co-conspirators compromised the identities of more than 80 people in the US and used them to land jobs at over 100 companies.
The scheme generated over $5 million in illegal proceeds for the North Korean government and caused losses of more than $3 million to the victim companies.
Kejia Wang, the documents show, supervised at least five US facilitators that ran laptop farms hosting hundreds of laptops from US victim companies. Zhenxing Wang was one of these facilitators.
The facilitators hosted the laptops at their residences and connected them to devices that allowed overseas workers to access them remotely, so they could pose as IT workers based in the US.
The documents presented in court also show that the two created multiple shell companies to make it look as if the overseas workers were affiliated with US-based companies.
However, these businesses had no employees, and their financial accounts received millions in payments from the victim companies. Most of the funds were transferred overseas to the co-conspirators.
The two, along with four other US-based facilitators, received roughly $700,000 for their participation in the scheme.
Kejia Wang and Zhenxing Wang were sentenced to 108 and 92 months in prison, respectively, and ordered to forfeit a total of $600,000 in illegal proceeds. Kejia Wang was also ordered to pay over $29,000 in restitution.
Nine other individuals indicted in relation to the scheme remain at large, and the US has announced a reward of up to $5 million for information leading to their arrest.
The individuals are Xu Yongzhe, Huang Jingbin, Tong Yuze, Zhou Baoyu, Yuan Ziyou (Samuel Yuan), Zhou Zhenbang, Liu Menting, Liu Enchia, and Song Min Kim (also known as Chengmin Jin).
Related: North Korean Hackers Target High-Profile Node.js Maintainers
Related: North Korean Hackers Drain $285 Million From Drift in 10 Seconds
Related: Polyfill Supply Chain Attack Impacting 100k Sites Linked to North Korea
Related: Ukrainian Gets 5 Years in US Prison for Aiding North Korean IT Fraud
