A Ukrainian man has been sentenced to five years in prison by a US federal court for his role in a long-running identity theft scheme that helped North Korean workers abroad obtain fraudulent jobs at dozens of US companies.
American prosecutors Charges were filed in 2024 v. Kiev resident Oleksandr Didenko, 29, for grooming North Koreans with stolen identities of U.S. citizens to get work and earn a wage. Under this scheme, workers’ profits were transferred to Pyongyang, which the regime used to finance an internationally sanctioned nuclear weapons programme.
This is the latest in a series of recent convictions of individuals involved in facilitating so-called “IT worker” schemes underway in North Korea. Security researchers have described North Korean workers as a “triple threat” to US and Western companies, because they violate US sanctions while simultaneously enabling the North Koreans to steal sensitive company data and later blackmail those victim companies into not disclosing company secrets publicly.
Prosecutors said Didenko ran a website called Upworksell, which allowed people working abroad, including North Koreans, to buy or rent stolen identities to get work at American companies. Didenko handled more than 870 stolen identities, according to the Department of Justice.
The FBI seized Upworksell in 2024 and diverted its traffic to its own servers. Polish authorities arrested Didenko, who was later extradited to the United States and later pleaded guilty.
in Statement this weekDidenko also paid people to receive computers and host them at their homes in California, Tennessee and Virginia, the US Department of Justice said. These “laptop farms” are rooms with racks of open laptops, allowing the North Koreans to do their work remotely as if they were physically in the United States.
Security giant CrowdStrike said last year that it had seen a sharp rise in the number of North Korean workers infiltrating companies, often as remote developers or other technical software engineering jobs. This scheme is among many that the North Korean regime uses to enrich itself, while it is unable to use the global financial system, thanks to international sanctions.
North Koreans have also been known to impersonate recruitment and venture capital firms in an attempt to trick high-profile victims and unsuspecting high-net-worth individuals into giving them access to their computers, including cryptocurrencies.
