Five Plead Guilty In U.s. For Helping North Korean It Workers...
The U.S. Department of Justice (DoJ) on Friday announced that five individuals have pleaded guilty to assisting North Korea's illicit revenue generation schemes by enabling information technology (IT) worker fraud in violation of international sanctions.
Phagnasay, Salazar, and Travis pleaded guilty to one count of wire fraud conspiracy for knowingly allowing IT workers located outside of the U.S. to use their U.S. identities between about September 2019 and November 2022 and secure jobs at American firms.
The three defendants also served as facilitators, hosting the company-issued laptops at their residences and installing remote desktop software on those machines without authorization so that the IT workers could connect to them and give the impression that they were working remotely within the U.S.
Furthermore, the trio is said to have aided the overseas IT workers in passing employer vetting procedures, with Salazar and Travis taking it to the next level by appearing for drug testing on behalf of them. Travis, then an active-duty member of the U.S. Army, received at least $51,397 for his role in the fraudulent scheme. Phagnasay and Salazar are said to have earned at least $3,450 and $4,500, respectively.
Didenko, whose arrest was disclosed by the DoJ back in May 2025, has pleaded guilty to wire fraud conspiracy and aggravated identity theft for stealing the identities of U.S. citizens and selling them to IT workers so that they could land jobs at 40 U.S. companies. Didenko has also agreed to forfeit more than $1.4 million.
"Didenko ran a website using a U.S.-based domain, 'Upworksell.com,' designed to help overseas IT workers buy or rent stolen or borrowed identities," the DoJ said. "Beginning in 2021, the IT workers used the identities to get hired on online freelance work platforms based in California and Pennsylvania."
The Ukrainian national also paid individuals in the U.S. to receive and host laptops, turning their homes into laptop farms for the IT workers. One such laptop farm was operated by Christina Marie Chapman in Arizona. Didenko's site has since been seized. Chapman was sentenced to 8.5 years in prison in July 2025.
Didenko is estimated to have managed as many as 871 proxy identities and facilitated the operation of at least three U.S.-based laptop farms. He also enabled his overseas clients to access Money Service Transmitters rather than having to physically open an account at a U.S. bank to transfer the employment income to fore
Source: The Hacker News
