US nationals admit guilt in North Korea employment fraud scheme
📅
Published: 11/14/2025
🔄
Updated: 11/14/2025, 6:40:26 PM
📊
8 updates
⏱️
8 min read
📱 This article updates automatically every 10 minutes with breaking developments
**U.S. Nationals Admit Guilt in North Korea Employment Fraud Scheme**
In a major development in the ongoing investigation into Nor...
In a major development in the ongoing investigation into North Korea’s global IT worker fraud network, several U.S. nationals have admitted guilt in a sophisticated scheme that enabled North Korean operatives to infiltrate American companies under false identities, defrauding hundreds of businesses and funneling millions of dollars back to Pyongyang.
Federal prosecutors announced on Friday that multiple U.S. c...
Federal prosecutors announced on Friday that multiple U.S. citizens—including an Arizona woman and a New Jersey man—have pleaded guilty or been sentenced for their roles in a years-long conspiracy that allowed North Korean IT workers to obtain remote employment at American firms, including Fortune 500 companies and nonprofit organizations. The scheme, which spanned more than half a decade, involved the use of stolen or fabricated identities, shell companies, and elaborate deception to conceal the true origins of the workers.
The most recent case centers on Zhenxing “Danny” Wang of New...
The most recent case centers on Zhenxing “Danny” Wang of New Jersey, who was arrested earlier this week and charged in a five-count indictment for his alleged involvement in a multi-year fraud that generated over $5 million in revenue for North Korea. Prosecutors say Wang and his co-conspirators helped North Korean IT workers secure remote jobs by providing them with fake credentials, registering financial accounts to receive illicit payments, and even hosting “laptop farms” in their homes to make it appear as though the workers were based in the United States.
In a separate but related case, an Arizona woman was sentenc...
In a separate but related case, an Arizona woman was sentenced to 102 months in prison for her role in a scheme that defrauded 309 U.S. businesses and two international companies, generating approximately $17 million for North Korea. According to court documents, she and her co-conspirators stole the identities of more than 60 U.S. residents and used them to apply for jobs, attend interviews, and collect salaries on behalf of North Korean nationals.
The Justice Department has also indicted 14 North Korean nat...
The Justice Department has also indicted 14 North Korean nationals for their roles in the broader scheme, which prosecutors say netted at least $88 million between 2017 and 2023. These individuals, many of whom worked for DPRK-controlled companies based in China and Russia, were ordered by their superiors to earn at least $10,000 per month. Some even participated in internal competitions, with bonuses awarded to top performers.
The fraud was not limited to salary theft. In several instan...
The fraud was not limited to salary theft. In several instances, North Korean IT workers stole sensitive company data—including proprietary source code—and threatened to leak it unless employers paid extortion fees. The stolen funds were then laundered through financial systems in the U.S. and China, ultimately benefiting the North Korean government.
U.S. authorities have seized more than $1.5 million and shut...
U.S. authorities have seized more than $1.5 million and shut down dozens of internet domains used to provide fake credentials to employers. Investigators have also highlighted the use of technological tools such as fake email addresses, social media accounts, and fictitious job references to facilitate the fraud.
The case has raised serious concerns about cybersecurity and...
The case has raised serious concerns about cybersecurity and the vulnerabilities of remote hiring practices. Some companies reportedly employed North Korean IT workers for years, unaware that their most talented employees were actually operating from overseas and funneling profits to a hostile regime.
“The scale and sophistication of this scheme are alarming,”...
“The scale and sophistication of this scheme are alarming,” said a senior Justice Department official. “These U.S. nationals played a critical role in enabling North Korea to exploit American businesses and fund its weapons programs. We are committed to holding all participants accountable.”
The admissions of guilt by U.S. nationals mark a significant...
The admissions of guilt by U.S. nationals mark a significant step in dismantling the network, but authorities warn that similar schemes may still be active. Companies are being urged to strengthen their hiring protocols and conduct more rigorous background checks, especially for remote positions.
As the investigation continues, federal agencies are working...
As the investigation continues, federal agencies are working with international partners to track down additional suspects and recover stolen assets. The case underscores the growing threat posed by state-sponsored cybercrime and the need for vigilance in an increasingly digital workforce.
🔄 Updated: 11/14/2025, 5:30:17 PM
Public and consumer reaction to the guilty plea by US nationals involved in the North Korean employment fraud scheme has been one of concern and frustration, especially due to the scale of the deception affecting over 300 U.S. companies and 68 stolen American identities. Victims and businesses have reported losses exceeding $3 million in legal and remediation costs, with many expressing shock at how sophisticated the scheme was, infiltrating large Fortune 500 corporations and government agencies[1][2]. An official involved stated the victims were "particularly harmed," highlighting the broader impact on companies attempting to hire contract workers quickly[4]. The Department of Justice and the FBI are offering a $5 million reward for information related to the perpetrators, underscoring the seriousness and public demand for justice
🔄 Updated: 11/14/2025, 5:40:19 PM
Five U.S. nationals have pleaded guilty to facilitating North Korean IT workers in a multi-year employment fraud scheme that infiltrated 136 U.S. companies, including many Fortune 500 firms, generating $2.2 million in revenue for the North Korean regime, according to the Department of Justice[3]. Experts emphasize that this sophisticated operation used stolen identities and laptop farms hosted in the U.S. to simulate local employment, enabling North Koreans to access sensitive corporate data and steal intellectual property, raising significant cybersecurity and national security concerns[6][7]. FBI officials advise companies to rigorously verify remote workers, including requiring frequent video verifications, to mitigate risks posed by such covert infiltration tactics[6].
🔄 Updated: 11/14/2025, 5:50:18 PM
Following the guilty pleas by five U.S. nationals in the North Korean remote IT worker fraud scheme, major technology and cybersecurity stocks saw mixed market reactions on Friday. Shares of leading cybersecurity firms such as CrowdStrike and Palo Alto Networks rose by approximately 2.3% and 1.8% respectively, as investors anticipated increased demand for security solutions amid heightened concerns about foreign cyber fraud infiltration. Conversely, select affected IT companies experienced modest dips averaging 0.5% to 1%, reflecting investor caution over potential reputational and operational risks stemming from the admissions[1][7].
🔄 Updated: 11/14/2025, 6:00:19 PM
Several U.S. nationals have pleaded guilty to helping North Korean IT workers infiltrate American companies using stolen identities, sparking concern among consumers and business leaders about data security. Public reaction has been one of alarm, with the Better Business Bureau warning that over 130 companies were affected and urging vigilance after reports that some remote workers had access to sensitive corporate information. "This is a wake-up call for every business hiring remotely," said one small tech firm owner in California, echoing a growing demand for stricter identity verification in the wake of the $2.2 million fraud exposed by the DOJ.
🔄 Updated: 11/14/2025, 6:10:27 PM
**BREAKING: Five US Facilitators Plead Guilty in Massive North Korea Remote Worker Fraud Operation**
Five American facilitators pleaded guilty today to helping North Korean operatives infiltrate 136 U.S. companies by posing as remote IT workers, generating $2.2 million in revenue for Kim Jong Un's regime, the Department of Justice announced.[1] The facilitators provided their own real identities or used false and stolen identities of more than a dozen U.S. nationals, while hosting company-provided laptops in their U.S. homes to create the illusion that North Korean workers were operating domestically.[1] This latest round of guilty pleas represents an intensifie
🔄 Updated: 11/14/2025, 6:20:28 PM
Five U.S. nationals—including Audricus Phagnasay, Jason Salazar, and Alexander Paul Travis—have pleaded guilty to acting as facilitators in a North Korean IT employment fraud scheme, enabling North Koreans to infiltrate 136 U.S. companies by providing stolen or false identities and hosting company-issued laptops to mask remote access, according to the DOJ. The scheme, which netted North Korea $2.2 million, involved sophisticated technical deception, including the use of fake digital footprints, spoofed employment verifications, and remote access tools, raising serious concerns about the cybersecurity risks of remote hiring and the potential for sensitive data theft. “These actions highlight the evolving threat of foreign actors exploiting remote work infrastructure to bypass traditional
🔄 Updated: 11/14/2025, 6:30:25 PM
Five U.S. nationals pleaded guilty on Friday to facilitating North Korea's infiltration of American companies through fraudulent remote IT worker schemes, with the conspiracy affecting 136 U.S. firms and generating $2.2 million in revenue for Kim Jong Un's regime.[1] The facilitators provided their own real identities or false and stolen identities of more than a dozen U.S. nationals, while hosting company-provided laptops in their homes to create the appearance that North Korean workers were based domestically.[1] This latest guilty plea represents part of a broader years-long international crackdown, following recent sanctions imposed by the U.S. Treasury's Office of Foreign Assets Control in January 2
🔄 Updated: 11/14/2025, 6:40:26 PM
Five U.S. nationals, including Audricus Phagnasay, Jason Salazar, and Alexander Paul Travis, pleaded guilty to wire fraud conspiracy for helping North Koreans obtain remote IT jobs in the U.S. by providing real and stolen identities and hosting company laptops to mask their locations, defrauding 136 U.S. companies and generating $2.2 million for North Korea’s regime, according to the Department of Justice[1][9]. This is part of a broader crackdown following the indictment of 14 North Korean nationals who earned at least $88 million by stealing U.S. identities to infiltrate American firms, with the State Department offering up to $5 million for information on the perpetrators[2][4].