U.S. Action Hits North Korean IT Scams and APT38 Crypto Theft

DOJ Confirms $15M Seizure Linked to APT38 After 2023 Crypto Thefts

  • DOJ actions expose networks enabling North Korean IT workers to infiltrate U.S. companies.
  • Five defendants admit roles in identity fraud schemes affecting more than 136 U.S. firms.
  • Over $15M in seized USDT tied to APT38 cyber thefts across multiple global crypto platforms.

The U.S. Justice Department has announced a series of joint actions directed at eliminating North Korea’s illicit revenue networks across the United States and overseas, detailing five guilty pleas and civil forfeiture efforts involving more than $15 million in virtual currency linked to state-backed hacking activity.

According to officials, the measures are part of an expanding federal effort to disrupt the Democratic People’s Republic of Korea’s remote IT employment schemes and multimillion-dollar cyber theft operations, which violate U.S. sanctions and support government priorities.

Multiple Guilty Pleas Reveal U.S.-Based Facilitation Networks

Federal prosecutors disclosed that four U.S. nationals and one Ukrainian identity broker admitted to participating in schemes that allowed North Korean IT workers to access remote jobs at American companies.

Court filings reveal that defendants in Georgia, Florida, and the District of Columbia supplied stolen or falsified U.S. identities, hosted corporate laptops in residential settings, and assisted foreign workers in bypassing employment screening. More than 136 U.S. companies were affected.

In Georgia, U.S. nationals Audricus Phagnasay, Jason Salazar, and Alexander Paul Travis pleaded guilty to conspiracy to commit wire fraud. They assisted overseas IT workers by providing their identities, enabling unauthorized access to their laptops, and participating in drug testing procedures to support fraudulent employment. The scheme generated approximately $1.28 million in salary payments, most of which was funneled to workers abroad.

In Washington, D.C., Ukrainian national Oleksandr Didenko admitted to wire fraud conspiracy and additional identity theft, acknowledging his role in supplying stolen U.S. identities to foreign IT workers, including North Korean nationals. He agreed to forfeit more than $1.4 million in assets seized during the investigation.

Separately, in Florida, Erick Ntekereze Prince pleaded guilty to running a contracting operation that placed foreign workers at more than 64 U.S. companies using falsified identities. Prince earned over $89,000 for facilitating access and hosting company devices.

More Than $15 Million in Virtual Currency Seized From APT38 Heists

The Department also filed two civil forfeiture complaints seeking ownership of more than 15 million USDT seized from the North Korean military hacking unit known as APT38. The funds were traced to four major thefts in 2023 that targeted virtual currency platforms in Estonia, Panama, and Seychelles and involved losses totaling more than $380 million.

However, officials noted that investigations are ongoing as authorities continue to trace assets laundered through cryptocurrency bridges, mixers, exchanges, and over-the-counter channels.

Disclaimer: The information presented in this article is for informational and educational purposes only. The article does not constitute financial advice or advice of any kind. Coin Edition is not responsible for any losses incurred as a result of the utilization of content, products, or services mentioned. Readers are advised to exercise caution before taking any action related to the company.

