Massive DOJ Crackdown Hits North Korean SCAM

A hooded figure working on a laptop with a digital background featuring North Korean symbols

American traitors just pleaded guilty to funneling $1.28 million straight to North Korea’s weapons programs by selling out U.S. companies and identities—exposing how foreign enemies exploit our open remote work system.

Story Highlights

Four Americans and a Ukrainian admitted guilt in DOJ crackdown for aiding North Korean IT infiltrators, generating $1.28M in fraudulent salaries sent overseas.
U.S. Army soldier Alexander Travis earned over $50,000 hosting enemy “laptop farms” for remote jobs at American firms from 2019-2022.
Schemes fund North Korea’s WMD programs with $250-600M yearly, evading sanctions through stolen identities and deepfakes amid post-COVID hiring booms.
Over 320 U.S. companies infiltrated last year alone, costing millions in losses and eroding trust in remote hiring—now under Trump’s DOJ scrutiny.
DOJ vows to disrupt these threats, protecting American jobs and security from globalist vulnerabilities.

Guilty Pleas Uncover Treasonous Scheme

Audricus Phagnasay, Jason Salazar, and Alexander Paul Travis pleaded guilty in Georgia federal court to wire fraud conspiracy. These U.S. nationals enabled North Korean IT workers to impersonate them for remote jobs at American companies from 2019 to 2022. They physically hosted employer-issued laptops, allowing remote access by Pyongyang operatives. The fraud generated $1.28 million in salaries, with most funds wired overseas to fund North Korea’s regime. Travis, an active-duty U.S. Army member, personally profited over $50,000 in this betrayal of national security.

Separate Facilitator Rings Exposed Nationwide

Erick Ntekereze Prince pleaded guilty in Florida for operating a staffing company from 2020 to 2024 that placed North Korean workers into U.S. firms. He earned $89,000 by providing fake identities and infrastructure for the infiltrators. Ukrainian national Oleksandr Didenko admitted guilt in Washington, D.C., for selling stolen U.S. identities that impacted 40 companies. These coordinated DOJ actions in early 2025 highlight a sprawling network using “laptop farms” to bypass sanctions and steal legitimate employment opportunities from Americans.

North Korea’s Decade-Long Infiltration Tactics

North Korean schemes trace back to 2018, evolving into sophisticated operations posing as remote IT workers. UN reports estimate $250-600 million annually funneled to weapons of mass destruction programs, with operatives quota-bound at $10,000 monthly earnings. Tactics include stolen identities from over 80 Americans, fake websites, and U.S. proxies hosting equipment. Post-COVID remote hiring surges provided cover, with 220% growth in infiltrations reported by CrowdStrike in 2025. Deepfakes now enable fake video interviews, hitting 320+ firms yearly including Fortune 500 giants like Nike.

Precedents like Christina Chapman’s case—facilitating 309 jobs for $17.1 million—show the scale. UAE-based North Koreans stole $915,000 in crypto from Atlanta and Serbian firms. These low-level American enablers, motivated by quick cash, undermine sanctions and hand military tech data to our adversaries.

Three Sentenced for Fraud Scheme That Enabled North Korean IT Workers to Infiltrate U.S. Firms https://t.co/VeUib3HnSC

— Joni Myers (@JoniMyers18) March 21, 2026

DOJ Crackdown Signals Victory for America First Security

Under President Trump’s DOJ leadership, Assistant AG John Eisenberg declared these actions disrupt North Korea’s efforts to finance weapons “on the backs of Americans.” U.S. Attorney Theodore S. Hertzberg called it a unique threat to remote hiring practices. FBI public service announcements warn companies against witting or unwitting aid. A $15 million cryptocurrency seizure from APT38 hackers underscores the financial warfare. Over 100 U.S. firms suffered $3 million-plus in remediation costs, with broader economic hits from stolen jobs and data breaches.

Protecting American Workers and Sovereignty

These pleas affirm Trump’s commitment to robust enforcement against foreign threats exploiting lax policies from the Biden era. Remote work vulnerabilities, amplified by globalist hiring frenzies, handed enemies direct access to U.S. networks and payrolls. Victims include IT and blockchain sectors, facing eroded trust and heightened vetting needs. Long-term, schemes fuel North Korea’s nuclear ambitions, demanding vigilant border-to-boardroom defenses. FBI and CrowdStrike urge identity verification to safeguard jobs for citizens, restoring limited government oversight on corporate negligence.