
DOJ Busts North Korean Tech Job Scam Using Stolen U.S. Identities
The U.S. Justice Department dismantled a North Korean scheme that used stolen American identities to infiltrate tech jobs and fund the Kim regime.
In a rush? Here are the quick facts:
- North Koreans used stolen U.S. IDs to land tech jobs remotely.
- DOJ seized 200 computers across 16 states in crackdown.
- Two Americans charged with aiding North Korean impersonation scheme.
The U.S. Department of Justice (DOJ) uncovered a significant operation in which North Korean workers used stolen American identities to obtain remote tech positions at U.S. companies, as first reported by WIRED.
In an announcement on Monday, authorities said they had searched 29 “laptop farms” across 16 states and seized 200 computers, along with 21 websites and 29 financial accounts that belonged to the scheme.
The workers stole more than 80 American identities to get jobs at over 100 companies, sending all their earnings to the North Korean government. Two Americans from New Jersey, Kejia Wang and Zhenxing Wang, face charges for their role in creating fake identities and establishing remote access points for impersonators. Only Zhenxing Wang has been arrested.
“Whenever you have a laptop farm like this, that’s the soft underbelly of these operations. Shutting them down across so many states, that’s massive,” said Michael Barnhart, an investigator at security firm DTEX, as reported by WIRED.
The Wangs obtained private information from more than 700 Americans to enable North Koreans to create false identities. The stolen credentials originated from criminal forums operating on the dark web.
Barnhart noted, “They have a stable of these […] they’re just going to piggyback [on data breaches] because it’s already out there.”
The fake workers infiltrated multiple high-stakes companies during their operations. WIRED reported that a California defense contractor suffered a breach when an impersonator accessed AI-related data that fell under export law regulations.
North Korean hackers stole more than $900,000 from cryptocurrency firms, with $740,000 coming from an Atlanta-based company, as reported by the DOJ.
While this crackdown is a major blow to the operation, Barnhart warns, “This is going to put a heavy dent in what they’re doing. But as we adapt, they adapt.”