The US Department of Justice has announced that five people have pleaded guilty to helping North Korean actors obtain remote IT employment with US companies to commit fraud.
According to court documents, four US nationals and one Ukrainian provided their own, false, or stolen identities, and hosted company-issued laptops in homes across the United States to make it appear as if North Korean workers were working from the US.
The DOJ says that the scheme impacted over 136 companies, generated more than $2.2 million in revenue for the Democratic People’s Republic of Korea (DPRK) regime, and compromised the identities of more than 18 Americans.
Audricus Phagnasay, 24, Jason Salazar, 30, and Alexander Paul Travis, 34, pleaded guilty to one count of wire fraud conspiracy. Between September 2019 and November 2022, they provided external IT workers with their identities to help them obtain employment with US companies. They also hosted work laptops at their homes and installed remote access software on those laptops without authorization, making it appear as if IT workers were working remotely from their residences.
Defendants also assisted those workers with passing employer vetting procedures – the DOJ cites an example of Travis (who was an active-duty member of the US Army at the time) and Salazar, who completed drug testing on their behalf.
Each of the three US nationals also received their fair share of money for the scheme. Travis netted at least $51,397, while Phagnasay and Salazar earned at least $3,450 and $4,500, respectively.
Another facilitator, US national Erick Ntekereze Prince, 30, used his company Taggcar Inc., to contract “certified” IT workers to victim US companies, who he knew were located outside the US and used stolen identities to obtain employment. He also hosted company-provided laptops at Florida residences and installed remote software without authorization to help it appear as if workers were operating from his residence. Prince received more than $89,000 for his part.
In turn, Ukrainian national Oleksandr Didenko also pleaded guilty to one count of wire fraud conspiracy, as well as one count of aggravated identity theft. Didenko participated in a scheme that sold stolen identities of US workers overseas, allowing North Korean IT workers to get employment at 40 US companies. According to the DOJ, Didenko’s IT worker clients were paid hundreds of thousands of dollars by victim companies.
Didenko agreed to forfeit over $1.4 million, including about $570,000 in seized fiat and cryptocurrency, as part of the plea.
“North Korea is focused on victimizing and perpetrating fraud on American citizens, companies, and banks by stealing the identity of US citizens and selling them around the world so foreign actors can gain employment in America,” said US Attorney Jeanine Ferris Pirro for the District of Columbia.
“These convictions prove that we will stop at nothing to uncover complex fraud schemes especially when they are committed by North Korean actors to fund their weapons program.”
The DPRK regime commonly resorts to cybercrime, crypto hacks, and fraud to advance its goals, evade sanctions, and raise money for the economy. Earlier in 2025, it was revealed that crypto-related hacks accounted for approximately one-third of the DPRK’s total foreign currency revenue in 2024.
In a joint statement published in October 2025, the governments of the US, Australia, Canada, France, Germany, Italy, Japan, the Netherlands, New Zealand, the Republic of Korea, and the UK encouraged “all UN member states to raise awareness about the DPRK’s malicious cyber activities and hold responsible parties accountable for UNSCR violations, including through sanctions.”
Your email address will not be published. Required fields are markedmarked