
The US Department of Justice (DoJ) on Thursday indicted five suspects said to be behind a years-long North Korean remote worker scheme designed to fund the dictatorship’s national weapons programs.
DoJ officials say the indictment is the latest action taken to disrupt the deluge of overseas “laptop farms” that trick American companies into hiring workers from the Democratic People’s Republic of Korea (DPRK).
These types of North Korean remote worker schemes are just another tactic used by the DPRK to generate funds for its nuclear weapons program since the US government’s comprehensive trade and economic sanctions against the regime, dating back to the 1950s.
“The DPRK has dispatched thousands of skilled IT workers to live abroad, primarily in China and Russia, with the aim of deceiving US and other businesses worldwide into hiring them as freelance IT workers,” DoJ officials said.
The five suspects – North Korean nationals Jin Sung-Il and Pak Jin-Song, Mexican national Pedro Ernesto Alonso De Los Reyes, and US nationals Erick Ntekereze Prince and Emanuel Ashtor – are accused of fraudulently obtaining work from at least sixty-four US companies, along with a pool of unindicted co-conspirators.
Two North Korean Nationals and Three Facilitators Indicted for Multi-Year Fraudulent Remote Information Technology Worker Scheme that Generated Revenue for the Democratic People’s Republic of Koreahttps://t.co/9NrlPC3hoh
undefined National Security Division, U.S. Dept of Justice (@DOJNatSec) January 23, 2025
FBI discovers laptop farm in North Carolina
The scheme, which ran from approximately April 2018 through August 2024, garnered at least $866,255 in revenue from 10 different US companies.
As typical of these operations, the money is laundered – in this case, through a Chinese bank account – and then sent back to the DPRK.
The schemes also often involve the use of fake IDs, pseudonymous emails, fake social media accounts, payment platforms, online job site accounts, and false websites.
The FBI said the North Korean nationals and their co-conspirators used forged and stolen identity documents, including legitimate US passports, to conceal their true identities.

Still, the biggest fraud of remote worker scams is the use of laptop farms, where “witting and unwitting third parties located in the United States and elsewhere” will use proxy computers to impersonate the hired workers, the DoJ said.
The US nationals (Ntekereze and Ashtor) were arrested by the FBI after searching Ashtor’s North Carolina home and discovering laptops provided by the victim companies – evidence he had been running a massive laptop farm from the residence, according to the indictment.
The duo was also said to have downloaded and installed remote access software on the company laptops without authorization so other “workers” could access the devices to impersonate the workers.
The DoJ says North Korean IT workers have been known to make up to $300,000 each annually, generating hundreds of millions of dollars collectively each year.
All five defendants face up to 20 years in prison on conspiracy charges related to damaging a protected computer, wire and mail fraud, money laundering, and the transfer of false identification documents.
Alonso was arrested in the Netherlands on January 10th.
Your email address will not be published. Required fields are markedmarked