Two Americans have been jailed for helping North Korean Information Technology (IT) workers become US citizens and employed by more than 100 companies across the country, including many Fortune 500 firms.
Kejia Wang, 42, and Zhenxing Wang, 39, were indicted in June 2025 following a coordinated law enforcement action against the Democratic People’s Republic of Korea (DPRK) government’s fundraising activities led by the US Department of Justice (DoJ).
According to court documents, between 2021 and October 2024, the pair made more than $5 million in illegal proceeds to the DPRK government and an estimated $3 million in financial damages to companies that employed North Korean workers who used the stolen identities of more than 80 US citizens.
As part of their scheme, they created financial accounts, fake websites, and numerous shell companies (e.g., Tony WKJ LLC, Hopana Tech LLC, Independent Lab LLC) to make it appear that DPRK operatives were working with legitimate US businesses and collecting payments.
Zhenxing Wang also seized company-issued laptops from homes across the United States to help North Korean IT workers access corporate networks without raising suspicion.
“For years, the defendants enriched themselves by assisting North Korean actors in a fraudulent scheme to obtain employment at American companies,” said Assistant Attorney General for National Security John A. Eisenberg. “This strategy put North Korean IT personnel at the mercy of unsuspecting US companies and American computer systems, thereby harming our national security.”
Nine other defendants linked to the same case, who were also indicted in June 2025, are still at large. The US State Department has announced a reward of up to $5 million for information on the suspects, which could help disrupt illegal activities supporting North Korea’s weapons of mass destruction (WMD) program.
Kejia Wang was sentenced to 108 months in prison after pleading guilty to his role in the scheme in September 2025, and Zhenxing Wang served 92 months after pleading guilty in January 2026 to money laundering conspiracy and wire fraud conspiracy.
In February, Ukrainian national Oleksandr Didenko, who pleaded guilty in November 2025 to conspiracy to commit fraud and aggravated identity theft, was also sentenced to five years in prison for providing DPRK IT employees with stolen credentials that helped them gain access to US companies.
The FBI has been warning about North Korean actors posing as US-based IT workers since at least 2023.
As the FBI has also noted, the DPRK maintains a large army of thousands of IT workers who use stolen identities to obtain employment at hundreds of US companies.
Automatic logging proves that the path exists. BAS proves that your controls are stopping you. Many teams run without each other.
This white paper outlines six areas of validation, indicates where coverage ends, and provides clinicians with three diagnostic questions for any screening tool.
