A 29-year-old Ukrainian nationwide has been sentenced to 5 years in jail within the U.S. for his position in facilitating North Korea’s fraudulent info know-how (IT) employee scheme.
In November 2025, Oleksandr “Alexander” Didenko pleaded responsible to wire fraud conspiracy and aggravated identification theft for stealing the identities of U.S. residents and promoting them to IT staff to assist them land jobs at 40 U.S. firms and draw common salaries, which have been then funneled again to the regime to help its weapons applications. He was apprehended by Polish authorities in late 2024, and later extradited to the U.S.
Didenko has additionally been ordered to serve 12 months of supervised launch and to pay $46,547.28 in restitution. Final yr, Didenko additionally agreed to forfeit greater than $1.4 million, which incorporates about $181,438 in U.S. {dollars} and cryptocurrency seized from him and his co-conspirators.
The defendant is alleged to have run an internet site named Upworksell[.]com to assist abroad IT staff purchase or lease stolen or borrowed identities for the reason that begin of 2021. The IT staff abused these identities to use for jobs on freelance work platforms primarily based in California and Pennsylvania. The location was seized by authorities on Could 16, 2024.
As well as, Didenko paid people within the U.S. to obtain and host laptops at their residences in Virginia, Tennessee and California. The thought was to offer the impression that the employees have been situated within the nation, when, in actuality, they have been connecting remotely from nations like China, the place they have been dispatched to.
As a part of the legal scheme, Didenko managed as many as 871 proxy identities and facilitated the operation of at the least three U.S.-based laptop computer farms. One of many computer systems was despatched to a laptop computer farm run by Christina Marie Chapman in Arizona. Chapman was arrested in Could 2024 and sentenced to 102 months in jail in July 2025 for collaborating within the scheme.
Moreover, he enabled his North Korean purchasers to entry the U.S. monetary system via Cash Service Transmitters as an alternative of getting to open an account at a financial institution inside the U.S. These cash switch providers have been used to maneuver employment revenue to overseas financial institution accounts. Officers mentioned Didenko’s purchasers have been paid tons of of 1000’s of {dollars} for his or her work.
“Defendant Didenko’s scheme funneled cash from Individuals and U.S. companies, into the coffers of North Korea, a hostile regime,” mentioned U.S. Legal professional Jeanine Ferris Pirro. “At the moment, North Korea just isn’t solely a risk to the homeland from afar, it’s an enemy inside.”
“Through the use of stolen and fraudulent identities, North Korean actors are infiltrating American firms, stealing info, licensing, and knowledge that’s dangerous to any enterprise. However greater than that, cash paid to those so-called staff goes on to munitions applications in North Korea.”
Regardless of continued regulation enforcement actions, the Hermit Kingdom’s conspiracy exhibits no indicators of stopping. If something, the operation has continued to evolve with new techniques and methods to evade detection.
In keeping with a report from risk intelligence agency Safety Alliance (SEAL) final week, the IT staff have begun to use for distant positions utilizing actual LinkedIn accounts of people they’re impersonating in an effort to make their fraudulent functions look genuine.
