U.S. gov't nabs 29 'laptop farms' used by North Korean IT workers to access American companies

Home > National > North Korea

U.S. gov't nabs 29 'laptop farms' used by North Korean IT workers to access American companies

Published: 01 Jul. 2025, 14:02 Updated: 01 Jul. 2025, 18:34

Audio report: written by reporters, read by AI

Four North Korean nationals, Kim Kwang-jin, Kang Tae-bok, Jong Pong-ju, and Chang Nam-il, who have been charged in a five-count wire fraud and money laundering indictment, are seen on an FBI wanted poster released June 30. [REUTERS/YONHAP]

The U.S. government has uncovered 29 so-called "laptop farms" illegally operated by North Korean IT workers to generate foreign currency for Pyongyang, while also indicting American brokers who helped them secure jobs under false identities.

The U.S. Department of Justice (DOJ) announced on Monday that it had searched 29 sites in 16 states and seized 200 laptops used to remotely access American companies. Authorities also froze 29 financial accounts and shut down 21 fraudulent websites used in the operation.

These laptop farms are illicit schemes that use stolen or forged American identities to help North Korean nationals obtain jobs at U.S. IT companies under false pretenses. The North Koreans accessed the computers remotely from overseas using virtual private networks (VPNs) to mask their true identities and locations.

Among those indicted was American citizen Jensing Danny Wang, who allegedly operated a laptop farm from his home and acted as a broker connecting North Korean workers with U.S. firms.

Wang and his associates helped North Korean IT workers fraudulently gain employment at more than 100 U.S. companies from 2021 to October 2024 using over 80 stolen American identities, according to prosecutors. Even Fortune 500 companies were reportedly duped.

Wang’s group is believed to have pocketed around $696,000 in commission for transferring the workers’ earnings to North Korea via foreign financial networks. The DOJ estimated the damages to victim companies — including legal fees and IT system restoration costs — at over $3 million.

Miniatures of people with computers are seen in front of a North Korea flag in this illustration from July 19, 2023. [REUTERS/YONHAP]

Some of the North Korean workers reportedly landed positions at California-based defense contractors with access to sensitive information governed by the International Traffic in Arms Regulations (ITAR), raising national security concerns.

Separately, the U.S. Attorney’s Office for the Northern District of Georgia announced charges and arrest warrants for four North Korean nationals accused of stealing cryptocurrency from a blockchain company in the United States.

The individuals allegedly traveled to the United Arab Emirates using North Korean-issued travel documents and secured remote jobs at U.S.-based blockchain firms between 2020 and 2021 by concealing their identities.

After gaining the companies’ trust, they were assigned cryptocurrency management duties and stole approximately $915,000 by manipulating source codes.

“North Korean IT workers defraud American companies and steal the identities of private citizens, all in support of the North Korean regime,” said FBI Deputy Director Brett Leatherman. “That is why the FBI and our partners continue to work together to disrupt infrastructure, seize revenue, indict overseas IT workers, and arrest their enablers in the United States.”

Translated from the JoongAng Ilbo using generative AI and edited by Korea JoongAng Daily staff.
BY SUH YOU-JIN [[email protected]]