Two Americans have been sentenced to a combined 200 months in prison for helping North Korea generate around $5 million through a fake remote IT worker operation.
Kejia “Tony” Wang, 42, and Zhenxing “Danny” Wang, 39, helped North Korean operatives obtain tech jobs at more than 100 US companies between 2021 and 2024, including Fortune 500 firms and at least one US defense contractor.
What they did
Kejia Wang appears to have acted as a manager in the scheme, overseeing at least five facilitators. Zhenxing Wang was one of those facilitators and is accused of running laptop farms that allowed North Korean workers to log into US employer-issued devices remotely while appearing to be working from US IP addresses.
Both men also set up US companies that supposedly offered software development services, but prosecutors said they were really shell companies used to receive wages on behalf of the overseas workers.
The wider scheme relied on the stolen identities of at least 80 US citizens so the North Korean workers could pass background checks and be hired as remote staff.
How the operation worked
US employers sent company laptops and other managed devices to addresses controlled by the facilitators.
The facilitators then kept and operated large numbers of these machines, allowing North Korea-based workers to connect in remotely and perform their jobs while appearing to be based in the United States.
Court documents said the facilitators collectively operated hundreds of laptops.
Kejia Wang also helped manage the financial accounts into which victim companies deposited salaries. Much of that money was then routed to overseas co-conspirators.
Money and impact
Officials said the scheme generated about $5 million for North Korea.
Kejia Wang and the facilitators reportedly made nearly $700,000 for themselves. The US Department of Justice ordered the two men to forfeit $600,000, of which $400,000 has already been recovered.
Victim companies were also said to have suffered around $3 million in additional losses, including legal fees, remediation costs, and other damage.
Sensitive data accessed
For at least one victim, the damage went beyond money.
A California-based defense contractor that develops AI-powered equipment and technologies discovered that a North Korean worker had accessed highly sensitive data, including employer data, source code, and material controlled under ITAR.
Sentences
- Kejia Wang was sentenced to 108 months in prison and ordered to pay $29,236.03 in restitution.
- Zhenxing Wang was sentenced to 92 months in prison.
Both men will also serve three years of supervised release.
Still wanted
US authorities are still seeking eight other alleged participants and one North Korean IT worker, all of whom remain at large.
FBI statement
The FBI said the case should serve as a warning that US nationals who help DPRK IT worker schemes and channel money to North Korea can expect investigation and prison time.