Cybercrime

5 Plead Guilty in US to Helping North Korean IT Workers

Audricus Phagnasay, Jason Salazar, Alexander Paul Travis, Erick Ntekereze, and Oleksandr Didenko have pleaded guilty.

Five individuals have pleaded guilty this month in US courts to helping North Korean IT workers obtain employment at more than 130 companies.

Four of the individuals are US nationals. One of them is 30-year-old Erick Ntekereze Prince, who used his company to supply ‘certified’ IT workers to companies in the United States. Authorities say the man knew that the IT workers were using false and stolen identities, and he hosted laptops provided by the victim companies at locations in Florida to trick them into believing that the workers were in the United States.

Prince, who is said to have earned more than $89,000 for his role in the scheme, is one of the several individuals charged in early 2025 for helping North Korean IT workers gain employment. The US Justice Department said the scheme involving Prince targeted 64 US companies and resulted in more than $900,000 worth of salary payments from victim firms.  

The other three Americans who pleaded guilty are Audricus Phagnasay, 24, Alexander Paul Travis, 34, and Jason Salazar, 30. They were accused of providing their identities to fake IT workers between 2019 and 2022.

In addition to hosting laptops for the workers, the three helped them pass employee screening processes, including drug tests.

Travis was an active-duty member of the US Army when he took part in the scheme. He earned more than $51,000, while Salazar and Phagnasay earned a few thousand dollars each. The scheme earned the North Korean IT workers roughly $1.28 million in salary payments.

Advertisement. Scroll to continue reading.

Each of these four US nationals has pleaded guilty to one count of wire fraud conspiracy.

The fifth individual is Ukrainian national Oleksandr Didenko, who pleaded guilty to one count of wire fraud conspiracy and one count of aggravated identity theft. He has also agreed to forfeit more than $1.4 million.

Didenko, who was arrested in 2024 in Poland, helped North Korean IT workers obtain employment at 40 US firms, enabling them to earn hundreds of thousands of dollars. 

Overall, the DOJ says, the five defendants helped North Korean workers trick more than 136 companies into hiring them, generating over $2.2 million for the regime.

North Korea is believed to have deployed thousands of skilled IT workers abroad, and they are estimated to generate hundreds of millions of dollars every year, which is used to fund North Korea’s weapons programs. 

In addition to the guilty pleas, the Justice Department announced on Friday that it has filed civil complaints for the forfeiture of more than $15 million worth of USDT (Tether) cryptocurrency seized by the FBI in March 2025 from the North Korean threat actor tracked as APT38, better known as Lazarus

The hackers have raised a significant amount of money for the North Korean government through cryptocurrency heists, including ones that exceeded $100 million.

Related: North Korea’s Fake Recruiters Feed Stolen Data to IT Workers

Related: US Storms 29 Laptop Farms in Crackdown on North Korean IT Worker Schemes

Related: US Seeks Forfeiture of $7.74M in Cryptocurrency Tied to North Korean IT Workers

Related Content

Supply Chain Security

The PolinRider campaign has compromised more than 100 legitimate open source packages and repositories to deliver a backdoor and information stealer to developers.

Supply Chain Security

A malicious dependency the attackers added to over 140 Mastra packages fetches a payload targeting cryptocurrency extensions.

Nation-State

The campaigns focus on financial organizations, including cryptocurrency, venture capital, and blockchain entities.

Cybercrime

Angelo Martino of Florida has pleaded guilty to collaborating with the BlackCat cybercrime group while working as a ransomware negotiator.

Cybercrime

The hackers targeted LayerZero’s DVN, compromising certain RPCs and DDoSing others to trigger failover to the poisoned infrastructure.  

Cybercrime

Tyler Buchanan admitted in court to hacking into various companies, defrauding them, and stealing cryptocurrency from multiple individuals.

Cybercrime

Kejia Wang and Zhenxing Wang compromised the identities of dozens of US persons to help land jobs at over 100 companies.

Artificial Intelligence

The AI giant is taking action after determining that a macOS code signing certificate may have been compromised.

Copyright © 2026 SecurityWeek ®, a Wired Business Media Publication. All Rights Reserved.

Exit mobile version