The U.S. Department of Justice announced Friday that five people have pleaded guilty to aiding North Korea in defrauding U.S. companies by posing as remote IT workers.
The five are suspected of working as “middlemen'' who helped North Koreans find jobs by providing their real identities or the false and stolen identities of more than a dozen Americans. The intermediaries also placed company-issued laptops in homes across the United States to make it appear that the North Korean workers lived locally, according to a Justice Department press release.
These measures affected 136 U.S. companies and generated $2.2 million in revenue for Kim Jong Un's regime, the Justice Department said.
The guilty plea is part of a long-standing effort by U.S. authorities to disrupt North Korea's ability to make money from cybercrime. For years, North Korea has successfully infiltrated hundreds of Western companies not only as remote IT workers but also as investors and recruiters as part of a scheme to fund its internationally sanctioned nuclear weapons program. In recent years, the U.S. government has fought back, prosecuting those involved in the scheme and imposing sanctions on the international fraud network.
“These indictments make one thing clear: the United States will not allow it.” [North Korea] “To prey on American businesses and workers to fund weapons programs,” U.S. Attorney Jason A. Redding QuiƱones said in a press release. “We will continue to work with our partners at the Department of Justice to uncover these programs, recover stolen funds, and pursue all those who enable North Korea's operations.”
Three of them, American nationals Audricus Fagnasay, Jason Salazar, and Alexander Paul Travis, each pleaded guilty to one count of conspiracy to commit wire fraud.
Prosecutors accused the three of helping North Koreans use their identities to obtain jobs while posing as official IT employees they knew worked outside the United States, helping them gain remote access to company-issued laptops in their homes, and helping North Koreans pass drug tests and other screening procedures.
tech crunch event
San Francisco | October 13-15, 2026
Prosecutors said Travis, an active-duty U.S. Army soldier at the time of the scheme, earned more than $50,000 from these activities, while Fagnasay and Salazar were paid at least $3,500 and $4,500, respectively. Under the program, U.S. companies paid out about $1.28 million in salaries, most of which was sent to North Korean IT workers overseas, according to the Justice Department.
The fourth American to plead guilty was Eric Ntekeleze Prince, who ran a company called Tagcar. The company allegedly supplied “certified” IT talent to U.S. companies, but knew that the talent was working abroad and using stolen or fake IDs. Prince also hosted laptops with remote access software at multiple Florida residences, earning more than $89,000 for his work, according to the Justice Department.
Another participant in the scheme, who pleaded guilty to wire fraud conspiracy and separate charges of aggravated identity theft, was Ukrainian national Oleksandr Dydenko, who prosecutors accuse of stealing the personal information of U.S. citizens and selling it to North Koreans for employment at more than 40 U.S. companies.
Didenko made hundreds of thousands of dollars with the service, according to a press release. Didenko agreed to forfeit $1.4 million as part of his guilty plea.
The Department of Justice also announced that it has frozen and seized more than $15 million in cryptocurrencies stolen from multiple crypto platforms by North Korean hackers in 2023.
Cryptocurrency companies, exchanges and blockchain projects have become popular targets for North Korean hackers, with more than $650 million in crypto stolen in 2024 and more than $2 billion so far this year.