US nationals sentenced to prison for helping North Korean IT workers infiltrate over 100 companies

Two U.S. nationals have been sentenced to prison for their roles in a scheme that helped North Korean IT workers pose as American residents and gain employment at more than 100 U.S. companies, including numerous Fortune 500 firms. Kejia Wang, 42, received a 108-month prison sentence after pleading guilty in September 2025, while Zhenxing Wang, 39, was sentenced to 92 months following a January 2026 guilty plea to conspiracy charges related to money laundering and wire fraud. The two were charged in June 2025 as part of a coordinated law enforcement action targeting North Korean government fundraising operations. Court documents reveal that between 2021 and October 2024, the scheme generated over $5 million in illicit revenue for North Korea's government and caused an estimated $3 million in financial damages to victim companies. The operation involved the use of stolen identities from more than 80 U.S. citizens. The defendants established financial accounts, fake websites, and multiple shell companies to create the appearance that North Korean workers were affiliated with legitimate U.S. businesses. Zhenxing Wang also hosted company-issued laptops in homes across the United States, enabling remote North Korean IT workers to access corporate networks without detection. Assistant Attorney General for National Security John A. Eisenberg stated that the scheme placed North Korean workers on the payrolls of unwitting U.S. companies and within their computer systems, posing a threat to national security. Nine other individuals charged in connection with the scheme remain at large, with the State Department offering a reward of up to $5 million for information leading to their capture. In a related case, Ukrainian national Oleksandr Didenko was sentenced to five years in prison in February for providing stolen identities that helped North Korean workers infiltrate U.S. companies. The FBI has warned since at least 2023 about North Korean threat actors impersonating U.S.-based IT staff, noting that North Korea maintains thousands of IT workers who use stolen identities to secure employment with American companies.