A U.S. federal court docket has sentenced a Ukrainian man to 5 years in jail for his half in a long-running identification theft operation that helped abroad North Korean employees acquire fraudulent employment at dozens of U.S. corporations.
U.S. prosecutors introduced prices in 2024 in opposition to Oleksandr Didenko, 29, a resident of Kyiv, for organising North Koreans with stolen identities of U.S. residents to get employed and earn a wage. Below this scheme, the employees’ earnings have been funneled again to Pyongyang, which the regime used to fund its internationally sanctioned nuclear weapons program.
That is the newest in a string of current convictions of people concerned in facilitating ongoing North Korean so-called “IT employee” schemes. Safety researchers have described North Korean employees as a “triple risk” to U.S. and Western companies, as they violate U.S. sanctions, all of the whereas enabling North Koreans to steal delicate firm information, after which later extort these sufferer corporations into not publicly releasing company secrets and techniques.
Prosecutors stated Didenko ran an internet site referred to as Upworksell, which allowed individuals working abroad, together with North Koreans, to purchase or hire stolen identities for gaining employment with U.S. corporations. Didenko dealt with greater than 870 stolen identities, per the Justice Division.
The FBI seized Upworksell in 2024 and diverted its site visitors to its personal servers. Polish authorities arrested Didenko, who was then extradited to the U.S. and later pleaded responsible.
In a press release this week, the U.S. Division of Justice stated Didenko additionally paid individuals to obtain and host computer systems at their properties in California, Tennessee, and Virginia. These “laptop computer farms” are rooms containing racks of open laptops, permitting North Koreans to remotely carry out their work as in the event that they have been bodily in the USA.
Safety large CrowdStrike stated final yr that it has seen a pointy rise within the variety of North Korean employees infiltrating corporations, typically as distant builders or different technical software program engineering jobs. The scheme is amongst many who the North Korean regime makes use of to complement itself, whereas unable to make use of the worldwide monetary system, because of worldwide sanctions.
North Koreans are additionally identified to impersonate recruiters and VCs in efforts to trick unsuspecting high-profile and net-worth victims into granting entry to their computer systems, together with crypto.
