A Ukrainian nationwide was sentenced to 5 years in jail for offering North Korean IT staff with stolen identities that helped them infiltrate U.S. firms.
39-year-old Oleksandr Didenko of Kyiv, Ukraine, pleaded responsible in November 2025 to aggravated identification theft and wire fraud conspiracy after being arrested in Poland in Might 2024.
This week, he was sentenced to 60 months in jail and 12 months of supervised launch, and agreed to forfeit greater than $1.4 million, together with money and cryptocurrency seized from Didenko and his accomplices.
“Oleksandr Didenko participated in a scheme that stole the identities of a whole lot of individuals, to incorporate United States residents, which have been utilized by North Korea to fraudulently safe profitable IT jobs,” stated James Barnacle, Assistant Director in Cost of the FBI’s New York Area Workplace. “This huge operation not solely created an unauthorized backdoor into our nation’s job market, however helped fund the regime of an adversary.”
In keeping with court docket paperwork, Didenko stole U.S. residents’ identities and offered them to abroad IT staff by means of a web based platform often called UpWorkSell (which was seized by the Justice Division), who used them to fraudulently safe jobs with 40 U.S. firms in California and Pennsylvania.
All through this scheme, he supplied the North Korean distant staff with no less than 871 proxy identities and proxy accounts on three freelance IT hiring platforms. He additionally facilitated the operation of no less than eight “laptop computer farms” in Virginia, Tennessee, California, Florida, Ecuador, Poland, and Ukraine that allowed the North Koreans to make it appear to be their units have been situated in america.
One in all these “laptop computer farms” was run by Christina Marie Chapman, a 50-year-old lady from Arizona, from her own residence between October 2020 and October 2023. Chapman was charged in Might 2024 and was sentenced to 102 months in jail after a July 2025 responsible plea.
The FBI has been warning concerning the hazard introduced by North Korean menace actors impersonating U.S.-based IT workers since no less than 2023. Because the legislation enforcement company repeatedly famous, North Korea maintains a massive and well-organized military of IT staff who use stolen identities to safe employment with a whole lot of American firms.
In July 2024, U.S. authorities sanctioned, charged, or indicted 20 people and eight firms throughout three separate enforcement waves. These actions have been adopted by a fourth wave of sanctions in August 2025 that focused firms related to North Korean IT employee schemes operated by Russian and Chinese language nationals.
Extra lately, in December 2025, safety researchers revealed that Well-known Chollima (or WageMole) operatives, a part of the infamous North Korean state-backed Lazarus hacking group, tricked recruiters utilizing AI instruments and stolen identities and obtained employed by Fortune 500 firms.
Trendy IT infrastructure strikes sooner than guide workflows can deal with.
On this new Tines information, find out how your workforce can cut back hidden guide delays, enhance reliability by means of automated response, and construct and scale clever workflows on prime of instruments you already use.
