Back

U.S. Nationals Sentenced for $5M North Korean IT Fraud Scheme

Severity: High (Score: 72.5)

Sources: Feeds2.Feedburner, Justice, rewardsforjustice.net, Bleepingcomputer, www.ic3.gov

Summary

Two U.S. nationals, Kejia Wang and Zhenxing Wang, were sentenced for facilitating a fraudulent scheme that allowed North Korean IT workers to pose as U.S. residents and secure jobs at over 100 companies, generating more than $5 million for the DPRK. The defendants operated 'laptop farms' in the U.S., using stolen identities of at least 80 Americans to bypass security measures and access sensitive corporate data. Kejia Wang received a 108-month sentence, while Zhenxing Wang was sentenced to 92 months. Both men created shell companies to mask the illicit operations and launder money. The U.S. government has recovered $400,000 of the forfeited funds, with ongoing investigations into additional co-conspirators. This case highlights the risks posed by foreign actors exploiting remote work systems and identity theft. The scheme has raised significant national security concerns due to potential access to sensitive information. Key Points: • Kejia Wang and Zhenxing Wang facilitated North Korean IT workers posing as U.S. residents. • The fraudulent scheme generated over $5 million for the DPRK and affected more than 100 companies. • The defendants created shell companies and used 'laptop farms' to bypass security measures.

Key Entities

  • Data Breach (attack_type)
  • DPRK RevGen: Domestic Enabler Initiative (campaign)
  • China (country)
  • Democratic People’s Republic Of Korea (country)
  • North Korea (country)
  • South Korea (country)
  • United States (country)
  • T1021 - Remote Services (mitre_attack)
  • KVM Switches (tool)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed