U.S. prosecutors secured two more sentences against people who helped North Korean IT workers pose as U.S.-based employees.
Summary
- Two U.S. men received 18-month prison terms for helping North Korean IT workers access company laptops.
- The DOJ said the latest schemes generated over $1.2 million for North Korea and hit nearly 70 firms.
- Crypto.news reports show North Korean IT workers have targeted crypto teams through hiring and remote access.
The Justice Department said Matthew Issac Knoot of Nashville and Erick Ntekereze Prince of New York each received 18 months in prison.
The DOJ said the two cases mark the seventh and eighth sentences of U.S.-based “laptop farmers” in five months. The schemes generated more than $1.2 million for North Korea and affected nearly 70 U.S. companies.
How the remote work scheme operated
Laptop farmers received computers that companies had shipped to new remote workers. Prosecutors said Knoot and Prince hosted those devices at their homes, then installed remote desktop software so overseas workers could use them.
That setup made North Korean workers appear to be working from U.S. addresses. DOJ officials said the scheme helped them enter company networks, earn salaries, and send money to North Korea while hiding their real location.
Prince was ordered to forfeit $89,000 that North Korean IT workers paid him. In Knoot’s case, prosecutors said companies paid more than $250,000 to workers linked to his laptop farm. The companies also faced more than $500,000 in audit and system repair costs.
Earlier cases show a wider network
The latest sentences followed another DOJ case in April. Kejia Wang and Zhenxing Wang were sentenced for running laptop farms tied to a scheme that placed North Korean workers at more than 100 U.S. companies.
That case used stolen identities from at least 80 U.S. citizens and generated more than $5 million for North Korea. Prosecutors said the workers also accessed sensitive employer data, including source code and controlled technical information.
Crypto firms remain a major target
Related crypto.news coverage has warned that crypto firms face direct risk from North Korean remote worker schemes. In April, crypto.news reported that security researcher Taylor Monahan said North Korean-linked developers had worked inside more than 40 DeFi projects over seven years.
The warning came as crypto projects faced more attacks linked to social engineering and insider access. Crypto.news also reported that ZachXBT tied at least 25 crypto hacks or extortion cases to North Korean IT workers.
Another crypto.news report said North Korean IT workers used fake documents and stolen identities to obtain jobs in web3, crypto infrastructure, and blockchain development. TRM Labs said many were paid in USDC and USDT before funds moved through wallets, mixers, and conversion services.
Be the first to comment