- 896
- 246
A Ukrainian man received a five-year prison sentence for assisting North Korean IT professionals who obtained employment at American companies under false identities. Oleksandr Didenko, 39, from Kyiv, pleaded guilty in November 2025 to aggravated identity theft and conspiracy to commit fraud.
He was arrested in Poland in May 2024. A US court has now sentenced him to 60 months in prison and one year of post-release supervision.
Furthermore, Didenko agreed to forfeit over $1.4 million (in cash and cryptocurrency) seized from him and his accomplices.
According to investigators (PDF), he stole the personal data of US citizens and sold it through the online platform UpWorkSell (which was subsequently seized by the US Department of Justice). These "digital identities" were used by foreign IT specialists with ties to North Korea to obtain remote work at American companies. In total, 40 companies from California and Pennsylvania are involved.
The scale is impressive: investigators say there were at least 871 covert identities and accounts on three freelance platforms. A network of so-called "laptop farms" operated simultaneously in Virginia, Tennessee, California, Florida, Ecuador, Poland, and Ukraine. These were used to create the illusion that employees were physically located in the United States, while in fact, they were working from other countries.
One of these "laptop farms" was run by 50-year-old Christina Marie Chapman of Arizona, from her own home. She was indicted in May 2024, and in July 2025, she pleaded guilty and later received a 102-month prison sentence.
The FBI emphasizes that this is not just employment fraud. According to James Barnacle, a spokesman for the FBI's New York office, the scheme not only opened an unauthorized "back door" into the US labor market but also helped finance the enemy regime.
American authorities have been warning of similar schemes since at least 2023. According to the FBI, North Korea systematically employs an army of IT specialists who, under stolen identities, work for Western companies and transfer the earnings to the state.
He was arrested in Poland in May 2024. A US court has now sentenced him to 60 months in prison and one year of post-release supervision.
Furthermore, Didenko agreed to forfeit over $1.4 million (in cash and cryptocurrency) seized from him and his accomplices.
According to investigators (PDF), he stole the personal data of US citizens and sold it through the online platform UpWorkSell (which was subsequently seized by the US Department of Justice). These "digital identities" were used by foreign IT specialists with ties to North Korea to obtain remote work at American companies. In total, 40 companies from California and Pennsylvania are involved.
The scale is impressive: investigators say there were at least 871 covert identities and accounts on three freelance platforms. A network of so-called "laptop farms" operated simultaneously in Virginia, Tennessee, California, Florida, Ecuador, Poland, and Ukraine. These were used to create the illusion that employees were physically located in the United States, while in fact, they were working from other countries.
One of these "laptop farms" was run by 50-year-old Christina Marie Chapman of Arizona, from her own home. She was indicted in May 2024, and in July 2025, she pleaded guilty and later received a 102-month prison sentence.
The FBI emphasizes that this is not just employment fraud. According to James Barnacle, a spokesman for the FBI's New York office, the scheme not only opened an unauthorized "back door" into the US labor market but also helped finance the enemy regime.
American authorities have been warning of similar schemes since at least 2023. According to the FBI, North Korea systematically employs an army of IT specialists who, under stolen identities, work for Western companies and transfer the earnings to the state.