Overview
- Audricus Phagnasay, Jason Salazar, Alexander Paul Travis, and Erick Ntekereze Prince pleaded to wire-fraud conspiracy in Georgia and Florida, while Ukrainian national Oleksandr Didenko admitted wire-fraud conspiracy and aggravated identity theft in Washington, D.C.
- Facilitators supplied stolen or borrowed identities, hosted employer laptops, installed remote access tools, and even appeared for drug testing so overseas IT workers could pass as U.S.-based hires.
- The activity touched more than 136 U.S. companies, routed over $2.2 million to the DPRK, and misused the identities of more than 18 U.S. persons, according to the Justice Department.
- Didenko ran an identity-brokering operation that enabled jobs at more than 40 firms, agreed to forfeit over $1.4 million in cash and crypto, and was arrested in Poland in 2024 before extradition to the U.S.
- DOJ filed civil forfeiture actions for over $15 million in USDT tied to APT38’s 2023 hacks of platforms in Estonia, Panama, and Seychelles, with the FBI continuing to trace funds for return to victims under the DPRK RevGen initiative.