A significant technology fraud scheme has been uncovered involving a New Jersey man and eight individuals from China and Taiwan, with federal prosecutors announcing charges that reveal the conspiracy’s extensive operations.
The scheme, which spanned from 2021 to October 2024, allegedly involved the theft of over 80 identities of United States citizens to secure remote jobs as software engineers at more than 100 U.S. companies, including several Fortune 500 firms.
According to an indictment filed in federal court in Boston, the defendants targeted various sectors, including California-based defense contractors, a semiconductor distributor, and an online media company located in Massachusetts.
The fraudulent activities are believed to have generated over $5 million, which was funneled into programs related to weapons of mass destruction operated by the Democratic People’s Republic of Korea (DPRK).
Zhenxing “Danny” Wang from Brunswick, New Jersey, was arrested on Monday and is facing multiple conspiracy charges, including mail and wire fraud, money laundering, identity theft, and causing damage to a protected computer.
Wang’s initial court hearing in Boston has yet to be scheduled, and he is alleged to have played a central role in orchestrating the scheme.
The indictment details that through their unauthorized access to U.S. company networks, the conspirators aimed to gain direct control and compromise sensitive computer systems.
It mentions that unnamed accomplices were involved in the conspiracy across states like New Jersey, New York, and California, as well as overseas operations.
Once hired, the defendants would receive company laptops, which they sent to Wang.
Wang was accused of installing remote desktop software on these laptops, allowing the defendants to appear as though they were working in the United States.
This scheme has triggered serious concerns about North Korean cyber operations, which have been increasingly integrated into the global workforce to target U.S. companies effectively.
In a statement, Leah B. Foley, the U.S. Attorney for Massachusetts, expressed that in light of U.S. and United Nations sanctions, the DPRK has dispatched numerous skilled IT personnel worldwide, reflecting the immediate and real threats posed by DPRK operatives.
One significant target of the conspiracy was a defense contractor in California, where sensitive materials, including data related to the International Traffic in Arms Regulations, were stolen alongside source code and other crucial computer files.
John A. Eisenberg, assistant attorney general for the Department of Justice’s national security division, highlighted that such schemes threaten U.S. companies and are specifically designed to evade sanctions while funding the DPRK’s illicit activities.
The investigation encompassed a wide geographical area, stretching from San Diego to Las Vegas, New York, and Boston.
Authorities searched seven “laptop farms” located in New York, New Jersey, and California, recovering over 70 electronic devices.
Moreover, investigators seized 21 counterfeit web domains and 29 financial accounts, which contained significant funds that were allegedly utilized to launder revenue generated by the North Korean regime through remote IT employment.
In a related matter, John E. Helsing from the Department of Defense remarked that these indictments serve as a deterrent for individuals and foreign entities that attempt to illegally export vital defense information.
Alongside Wang, the indictment named six Chinese nationals and two Taiwanese nationals, emphasizing the international scope of the operation.
In conjunction with this case, a separate unsealed indictment in Georgia charged four North Korean nationals with stealing over $750,000 in virtual currency and laundering the funds overseas.
Foley noted that, different from traditional North Korean IT workers who typically remit salaries back to North Korea, these individuals sought jobs within virtual currency businesses to gain the trust of those companies before executing their thefts.
These two cases are part of the Justice Department’s DPRK: Domestic Enabler initiative, which aims to disrupt North Korea’s revenue generation networks through remote IT workers and the individuals in the U.S. who enable them.
This initiative underscores the increasing vigilance of U.S. authorities in addressing threats posed by cyber operations linked to North Korea and protecting national security.
image source from:bostonglobe
