Article Details

Selling your identity to North Korean IT scammers isn't a sustainable side hustle. Four US citizens tried it, and the DoJ just secured guilty pleas from all of 'em. It sounds like easy money. North Koreans pay you to use your identity so they can get jobs working for American companies in IT. However, if you go this route, the US Department of Justice promises to catch up with you eventually. Case in point: four US citizens and a Ukrainian identity broker pled guilty to just such charges this month, the DoJ said in a recent press release. One was even an active duty US Army soldier at the time, the Department noted.  Audricus Phagnasay, Jason Salazar, and Alexander Paul Travis (the latter being the US Army soldier) each pled guilty to one wire fraud conspiracy for providing their identities to North Koreans between 2019 and 2022 so the Norks could fraudulently get work at US companies. All three provided space in their homes for laptops issued by the companies they supposedly worked for and installed remote access software that allowed their North Korean comrades to appear to be working from the US, the DoJ said.  The trio all pled guilty in the Southern District of Georgia, though it's not clear whether they were working together.  According to the DoJ, Travis, the former US Army soldier, earned at least $51,397 for his part in the scheme. Phagnasay and Salazar earned considerably less, taking in somewhere in the neighborhood of $3,450 and $4,500, respectively. Travis and Salazar even showed up in person for drug tests to perpetuate the scheme, the DoJ noted. The trio's scheme generated approximately $1.28 million in salary payments from victim US companies. A fourth American, Erick Ntekereze Prince, also pled guilty earlier this month to similarly providing North Koreans with stolen identities and laptops. The DoJ said that Prince used his company, Taggcar Inc., to supply allegedly "certified" IT workers who were actually located outside the United States and using false or stolen identities. Like the Georgia trio, Prince hosted company-issued laptops for his "certified" IT workers' use that were remotely accessed by North Koreans, earning him more than $89,000.  Prince was indicted with two others in January 2025 as part of a larger scheme that saw North Korean IT workers obtain employment with more than 64 US companies, earning nearly $1 million in salary payments. One of Prince's co-conspirators is taking their case to trial, while the other resides in the Netherlands and is pending extradition to the US. Ukrainian national Oleksandr Didenko was also operating on a large scale. He pled guilty last week to stealing the identities of US citizens and selling them to overseas IT workers, with North Korea among the buyers of the stolen identities. Didenko's brokerage led to fraudulent employment at 40 US companies and hundreds of thousands of dollars in salary fraud.  Didenko was apprehended in Poland and extradited to the US in late 2024. As an admitted broker of stolen identities, he pleaded guilty to one count of wire fraud conspiracy and one count of aggravated identity theft. North Korean IT worker scams have become a prominent problem for US companies of late, with identity services firm Okta noting in late September that thousands of companies have been targeted in recent years. Most of the fake IT workers are from North Korea, or are connected to Pyongyang in some way, meaning much of the money stolen by the fraudsters ends up in the hands of the Kim regime.  The aim of the scams is two-fold, CrowdStrike counter adversary division senior VP Adam Meyers said at RSAC in April, with the scammers aiming to get their hands on both money and intellectual property.  "No matter who or where you are, if you support North Korea's efforts to victimize U.S. businesses and citizens, the FBI will find you and bring you to justice," FBI counterintelligence assistant director Roman Rozhavsky said of the latest arrests, while also making an appeal for companies to please do better to avoid falling victim to such scams.  "We ask all our private sector partners to improve their security process for vetting remote workers and to remain vigilant regarding this emerging threat," the FBI leader added.