Five people have pleaded guilty to helping North Koreans defraud U.S. companies by posing as remote IT workers, the U.S. Department of Justice announced on Friday.
The five people are accused of working as “facilitators” who helped North Koreans get jobs by providing their own real identities, or false and stolen identities of more than a dozen U.S. nationals. The facilitators also hosted company-provided laptops in their homes across the U.S. to make it look like the North Korean workers lived locally, according to the DOJ press release.
These actions affected 136 U.S. companies and netted Kim Jong Un’s regime $2.2 million in revenue, said the DOJ.
The latest round of guilty pleas is part of a years-long effort by American authorities to disrupt North Korea’s ability to make money from cybercrime. For years, North Korea has successfully infiltrated hundreds of Western companies as remote IT workers — as well as investors and recruiters — as part of a scheme to fund its internationally sanctioned nuclear weapons program. In recent years, the U.S. government has fought back, indicting people involved in the scheme, and imposing sanctions on international fraud networks.
“These prosecutions make one point clear: the United States will not permit [North Korea] to bankroll its weapons programs by preying on American companies and workers,” said U.S. Attorney Jason A. Reding Quiñones said in a press release. “We will keep working with our partners across the Justice Department to uncover these schemes, recover stolen funds, and pursue every individual who enables North Korea’s operations.”
Three of the people — U.S. nationals Audricus Phagnasay, Jason Salazar, and Alexander Paul Travis — each pleaded guilty to one count of wire fraud conspiracy.
Prosecutors accused the three of helping North Koreans posing as legitimate IT workers, whom they knew worked outside of the United States, to use their own identities to obtain employment, helped them remotely access their company-issued laptops set up in their homes, and also helped the North Koreans pass vetting procedures, such as drug tests.
Techcrunch event Join the Disrupt 2026 Waitlist Add yourself to the Disrupt 2026 waitlist to be first in line when Early Bird tickets drop. Past Disrupts have brought Google Cloud, Netflix, Microsoft, Box, Phia, a16z, ElevenLabs, Wayve, Hugging Face, Elad Gil, and Vinod Khosla to the stages — part of 250+ industry leaders driving 200+ sessions built to fuel your growth and sharpen your edge. Plus, meet the hundreds of startups innovating across every sector. Join the Disrupt 2026 Waitlist Add yourself to the Disrupt 2026 waitlist to be first in line when Early Bird tickets drop. Past Disrupts have brought Google Cloud, Netflix, Microsoft, Box, Phia, a16z, ElevenLabs, Wayve, Hugging Face, Elad Gil, and Vinod Khosla to the stages — part of 250+ industry leaders driving 200+ sessions built to fuel your growth and sharpen your edge. Plus, meet the hundreds of startups innovating across every sector. San Francisco | WAITLIST NOW
Travis, who prosecutors said was an active servicemember of the U.S. Army at the time of the scheme, earned more than $50,000 for these actions, while Phagnasay and Salazar were paid at least $3,500 and $4,500 respectively. The scheme saw U.S. companies pay around $1.28 million in salaries, most of which was sent to the North Korean IT workers overseas, per the DOJ.
The fourth U.S. national who pleaded guilty is Erick Ntekereze Prince, who ran a company called Taggcar, which supplied to U.S. companies allegedly “certified” IT workers but whom he knew worked outside of the country and were using stolen or fake identities. Prince also hosted laptops with remote access software at several residences in Florida, and earned more than $89,000 for his work, the DOJ said.
... continue reading