Two N.J. Men Sentenced to Combined 16+ Years in North Korean IT Worker Fraud Scheme

Two New Jersey men who operated "laptop farms" enabling North Korean IT workers to fraudulently obtain jobs at more than 100 U.S. companies using stolen identities were sentenced to a combined more than 16 years in federal prison, the Justice Department announced.

U.S. District Judge Nathaniel M. Gorton sentenced Kejia Wang, 42, of Edison, New Jersey, to 108 months in prison and Zhenxing Wang, 39, of New Brunswick, New Jersey, to 92 months. Both had pleaded guilty to conspiracy charges including wire fraud, money laundering, and identity theft.

The court ordered a total of $600,000 in forfeiture, three years of supervised release for each defendant, and $29,236.03 in restitution from Kejia Wang, according to the DOJ. The United States has already received $400,000 of the ordered forfeiture amount.

The scheme used stolen identities of at least 80 U.S. persons to place North Korean workers at Fortune 500 companies and defense contractors from approximately 2021 until October 2024, the department said. The operation generated more than $5 million in illicit revenue for the North Korean government.

"For years, the defendants enriched themselves by assisting North Korean actors in a fraudulent scheme to gain employment with U.S. companies," said Assistant Attorney General for National Security John A. Eisenberg. "The ruse placed North Korean IT workers on the payrolls of unwitting U.S. companies and in U.S. computer systems, thereby harming our national security."

According to the DOJ, the defendants created shell companies — Hopana Tech LLC, Tony WKJ LLC, and Independent Lab LLC — with corresponding bank accounts to receive millions in fraudulent payments from victim companies. Kejia Wang traveled to China twice in 2023 to coordinate with overseas actors, including a former classmate he knew was North Korean, and supervised at least five U.S.-based facilitators who hosted hundreds of company laptops at their residences.

The facilitators used keyboard-video-mouse (KVM) switches to enable remote access by the North Korean workers, the department said. The scheme enabled overseas actors to access sensitive data, including International Traffic in Arms Regulations (ITAR) controlled information from a California defense contractor developing AI-powered military technologies.

The case is the latest action under the Justice Department's "DPRK RevGen: Domestic Enabler Initiative." Federal law enforcement previously seized 17 web domains, 29 financial accounts, and recovered over 70 laptops during raids across three states in October 2024, according to the DOJ. The scheme caused U.S. companies to incur at least $3 million in legal fees, network remediation costs, and other damages.

Eight remaining defendants remain at large and wanted by the FBI. The Department of State's Rewards for Justice program announced a $5 million reward for information leading to the disruption of financial mechanisms supporting the fugitive defendants.

Court

U.S. Department of Justice

Case Name

Two N.J. Men Sentenced to Combined 16+ Years in North Korean IT Worker Fraud Scheme

View Source Document ↗