Five Individuals Plead Guilty to Facilitating North Korean Cyber Operations Against US Firms
The U.S. Department of Justice (DOJ) has announced that five individuals have pleaded guilty to aiding North Korea's illicit activities, including remote IT worker fraud and cryptocurrency theft. These operations have targeted American companies, resulting in significant financial losses.
The DOJ's actions have led to the seizure of $15 million in cryptocurrency from heists carried out by the APT38 threat group, linked to the notorious Lazarus hacking group. The group has been stealing funds through cyber-attacks on cryptocurrency exchanges in Panama, Estonia, and Seychelles, totaling $382 million in stolen assets.
The five guilty pleas involve a network of facilitators, including four Americans and one Ukrainian, who used false or stolen identities to help North Korean agents gain employment at U.S. companies for remote work. These agents then transferred their salaries and, in some cases, stolen data, to the North Korean government.
According to the DOJ, the actions of these individuals affected 136 companies nationwide, generating over $2.2 million in revenue for the DPRK regime. The guilty pleas are as follows:
- Oleksandr Didenko: Pleaded guilty to wire fraud conspiracy and aggravated identity theft. He sold stolen U.S. identities to overseas IT workers, who secured employment at 40 U.S. companies. Didenko is also linked to the UpWorkSell platform, seized by the DOJ, and was previously identified as a co-conspirator with Christina Marie Chapman.
- Erick Ntekereze Prince: Pleaded guilty to wire fraud conspiracy. Through his company, Taggcar Inc., he placed overseas IT workers using stolen identities at 64 U.S. companies, earning $89,000 and causing damages exceeding $943,000.
- Audricus Phagnasay, Jason Salazar, and Alexander Paul Travis: Pleaded guilty to wire fraud conspiracy. They participated in the schemes between 2019 and 2022, causing damages totaling $1.28 million. Travis earned $51,000, while Phagnasay and Salazar earned between $3,450 and $4,500.
As part of their guilty pleas, Didenko agreed to forfeit $570,000 in fiat currency and an additional $830,000 worth of cryptocurrency. The DOJ also filed two civil forfeiture complaints to seize over $15 million stolen and laundered by North Korea's APT38.
This case highlights the ongoing threat posed by North Korea's cyber capabilities and the importance of international cooperation in combating such illicit activities.
