Virtual Event Today: Cloud & Data Security Summit - Join Event In-Progress
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Two North Korean IT Worker Scheme Facilitators Jailed in the US

Kejia Wang and Zhenxing Wang compromised the identities of dozens of US persons to help land jobs at over 100 companies.

North Korea

Two US nationals were jailed this week for their roles in North Korean IT worker schemes that caused millions in damages to US companies.

The individuals, Kejia Wang, 42, of Edison, New Jersey, and Zhenxing Wang, 39, of New Brunswick, New Jersey, were charged in June 2025, when the US stormed 29 laptop farms across 16 states.

According to court documents, between 2021 and 2024, the two individuals and their co-conspirators compromised the identities of more than 80 people in the US and used them to land jobs at over 100 companies.

The scheme generated over $5 million in illegal proceeds for the North Korean government and caused losses of more than $3 million to the victim companies.

Kejia Wang, the documents show, supervised at least five US facilitators that ran laptop farms hosting hundreds of laptops from US victim companies. Zhenxing Wang was one of these facilitators.

The facilitators hosted the laptops at their residences and connected them to devices that allowed overseas workers to access them remotely, so they could pose as IT workers based in the US.

Advertisement. Scroll to continue reading.

The documents presented in court also show that the two created multiple shell companies to make it look as if the overseas workers were affiliated with US-based companies.

However, these businesses had no employees, and their financial accounts received millions in payments from the victim companies. Most of the funds were transferred overseas to the co-conspirators.

The two, along with four other US-based facilitators, received roughly $700,000 for their participation in the scheme.

Kejia Wang and Zhenxing Wang were sentenced to 108 and 92 months in prison, respectively, and ordered to forfeit a total of $600,000 in illegal proceeds. Kejia Wang was also ordered to pay over $29,000 in restitution.

Nine other individuals indicted in relation to the scheme remain at large, and the US has announced a reward of up to $5 million for information leading to their arrest.

The individuals are Xu Yongzhe, Huang Jingbin, Tong Yuze, Zhou Baoyu, Yuan Ziyou (Samuel Yuan), Zhou Zhenbang, Liu Menting, Liu Enchia, and Song Min Kim (also known as Chengmin Jin).

Related: North Korean Hackers Target High-Profile Node.js Maintainers

Related: North Korean Hackers Drain $285 Million From Drift in 10 Seconds

Related: Polyfill Supply Chain Attack Impacting 100k Sites Linked to North Korea

Related: Ukrainian Gets 5 Years in US Prison for Aiding North Korean IT Fraud

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more.

Register

This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.

Register

People on the Move

Jazz has named Sean Robinson, Rickie Goyal, Danielle Guetta, Shani Nago, and Lior Magram as VPs and Michael Calev as COO.

AJ Shipley has been appointed Chief Product Officer at CrowdStrike.

Brinqa has named Ron Dovich as Chief AI and Automation Officer, David Allen as CTO, Steve Biagioni as CFO, and James Walta as VP of Product.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.