Four U.S. citizens and a Ukrainian have pleaded guilty to participating in criminal schemes aimed at generating funds for North Korean arms development, the Department of Justice announced on Friday. Photo by KCNA/EPA-EFE
Nov. 14 (UPI) — Four U.S. citizens and a Ukrainian pleaded guilty to participating in North Korean internet technology worker and virtual currency theft schemes.
The Department of Justice announced the guilty pleas on Friday for the illegal schemes that generated funding for North Korea’s armaments program and other uses at various times, from 2019 to 2024.
“Facilitators in the United States and Ukraine assisted North Korean actors with obtaining remote IT employment with U.S. companies,” the DOJ said.
“The facilitators provided their own, false or stolen identities and hosted U.S. victim company-provided laptops at residences across the United States to create the false appearance that the IT workers were working domestically.”
The DOJ said the employment schemes affected at least 136 U.S. companies and used the identities of more than 18 U.S. citizens or legal residents to generate more than $2.2 million for the North Korean government.
The three U.S. defendants who pleaded guilty are Audricus Phagnasay, 24; Jason Salazar, 30; and Alexander Paul Travis, 34, all of whom entered their guilty pleas in the U.S. District Court for Southern Georgia.
The three pleaded guilty to providing U.S. identities to those who are located outside of the United States to enable them to obtain remote work with U.S. firms in exchange for between $3,450 and $51,397 in compensation.
Salazar and Travis at times completed drug testing on behalf of the overseas individuals.
The three defendants also kept laptops at their homes to make it look like the foreign individuals were located in the United States.
The IT worker scheme generated about $1.28 million in pay for the overseas workers.
Erick Ntekereze Prince, 30, also pleaded guilty to a conspiracy to commit wire fraud charge in the U.S. District Court for Southern Florida on Nov. 6.
Federal prosecutors said Prince used his company Taggcar Inc. to contract and supply overseas IT workers to U.S. firms by misrepresenting them as U.S.-based workers.
He also hosted laptops at several Florida residences and installed remote-access software to make it look like the overseas workers were working from locations in Florida.
Prince was paid more than $89,000 for his participation in the scheme, according to the DOJ.
Ukrainian Oleksander Didenky also pleaded guilty to conspiracy to commit wire fraud and aggravated identity theft in the U.S.District Court for the District of Columbia.
He agreed to forfeit $1.4 million for helping North Korean and other IT workers to get jobs at 40 U.S. companies.
A North Korean military hacking group identified as Advanced Persistent Threat 38 also carried out virtual currency heists totaling millions of dollars in value in 2023 while targeting four overseas platforms, according to the DOJ.
“While APT38 actors continued to launder their ill-gotten gains for these heists, the U.S. government froze and seized more than $15million worth of virtual currency that it now seeks to forfeit for eventual return to their rightful owners,” the DOJ said.
The criminal activities arise from the North Korean government’s efforts to evade U.S. sanctions and generate millions of dollars to help fund its weapons programs, including nuclear arms development, said Roman Rozhavsky, assistant director of the FBI’s Counterintelligence Division.
“These guilty pleas send a clear message: No matter who or where you are, if you support North Korea’s efforts to victimize U.S. businesses and citizens, the FBI will find you and bring you to justice,” Rozhavsky said.
“We will ask all our private sector partners to improve their security process for vetting remote workers and to remain vigilant regarding this emerging threat,” he added.