US Nationals Sentenced Over DPRK Remote IT Worker Fraud Scheme

The Department of Justice has sentenced two US nationals for facilitating a fraudulent remote IT worker scheme that generated more than $5 million in illicit revenue for the Democratic People’s Republic of Korea, underlining the growing national security risk posed by DPRK cyber-enabled revenue operations.

Kejia Wang, 42, of Edison, New Jersey, was sentenced to 108 months in prison, while Zhenxing Wang, 39, of New Brunswick, New Jersey, received a 92-month sentence. Both men admitted roles in a scheme that enabled North Korean IT workers to pose as US-based employees and obtain remote work at more than 100 US companies.

The case centred on so-called “laptop farms”, where company devices were hosted in the United States and remotely accessed by overseas workers using tools including keyboard-video-mouse switches. The arrangement helped deceive victim employers into believing they had hired legitimate US-based IT staff, while the workers were in fact linked to DPRK revenue generation activity.

According to the Department of Justice, the scheme used the stolen identities of at least 80 US persons and caused victim companies to incur at least $3 million in legal, remediation and other costs. It also exposed sensitive employer data and source code, including International Traffic in Arms Regulations data from a California-based defence contractor.

The defendants also created shell companies, including Hopana Tech LLC, Tony WKJ LLC and Independent Lab LLC, to give the appearance of legitimate US business activity. Financial accounts linked to those entities received millions of dollars from victim companies, with much of the money transferred to overseas co-conspirators.

The sentencing highlights the compliance and security implications of DPRK IT worker schemes for employers, financial institutions and technology companies. Remote hiring controls, identity verification, device monitoring, payroll due diligence and sanctions screening are now central risk areas, particularly where contractors seek access to sensitive systems or source code.

The case forms part of the DPRK RevGen: Domestic Enabler Initiative, a joint Department of Justice and FBI effort targeting North Korea’s illicit revenue generation networks and US-based facilitators. Eight other indicted defendants remain at large, and the Department of State’s Rewards for Justice programme has announced a reward of up to $5 million for information leading to the disruption of related DPRK financial mechanisms.

Read the press release here.