A major fraud case in the United States has revealed how a hidden network of remote workers generated millions of dollars for North Korea. Authorities confirmed that two U.S. nationals, Kejia Wang and Zhenxing Wang, were sentenced for helping foreign workers pose as American IT professionals.
The scheme operated from around 2021 to October 2024. During this period, the network secured remote IT jobs at more than 100 U.S. companies, including several large and well-known firms. Employers believed they were hiring workers based in the United States, but in reality, the work was carried out from overseas.
The fraud used stolen identities of at least 80 U.S. citizens. These identities were used to pass hiring checks and gain access to company systems. The operation generated more than $5 million, with a large portion of the funds transferred abroad in violation of sanctions.
Authorities said the scheme not only involved financial fraud but also created serious risks to national security, as foreign actors were able to access U.S. business systems.
How the “Laptop Farm” Scheme Worked
The operation relied on “laptop farms,” which were physical setups located inside the United States. When companies hired remote workers, laptops were shipped to U.S. addresses controlled by the group.
Kejia Wang played a central role by managing the U.S. side of the operation. He supervised multiple facilitators who hosted company laptops in their homes. Zhenxing Wang was one of the facilitators who received and maintained these devices.
The laptops were connected to hardware devices known as KVM switches. These allowed overseas workers to remotely access and control the computers, making it appear as if the work was being done within the United States.
The group also created shell companies with bank accounts to make the setup look legitimate. These companies had no real employees or operations. They existed only to receive payments from U.S. companies and move money through the system.
Financial accounts linked to these shell companies received millions of dollars. Much of this money was transferred to overseas co-conspirators. In exchange, the U.S.-based facilitators received nearly $700,000 for their roles.
Authorities also identified several other individuals connected to the scheme who remain at large. These include Xu Yongzhe, Huang Jingbin, Tong Yuze, Zhou Baoyu, Yuan Ziyou, Zhou Zhenbang, Liu Menting, Liu Enchia, and Song Min Kim.
Minh Vong Pleads Guilty in Shocking Remote Work Scam
Security Risks, Investigation, and Sentencing
The scheme exposed U.S. companies to serious risks. Some of the workers gained access to sensitive systems, source code, and internal data. In one case, a defense contractor’s systems were accessed without authorization, including data controlled under strict export regulations.
U.S. companies suffered losses of at least $3 million. These losses included legal costs, system repairs, and expenses related to investigating the breaches.
Law enforcement agencies conducted searches at multiple locations across several states. They recovered more than 70 laptops and remote access devices. Authorities also seized web domains and financial accounts linked to the scheme, including those connected to the shell companies.
The court sentenced Kejia Wang to 108 months in prison and Zhenxing Wang to 92 months. Both were also ordered to serve three years of supervised release after their prison terms.
In addition to prison sentences, the court ordered forfeiture of $600,000 earned through the scheme, with $400,000 already recovered. Additional restitution was also imposed in the case.
Authorities confirmed that a reward of up to $5 million has been announced for information that can help disrupt financial networks linked to North Korea and similar operations.
The investigation involved multiple federal agencies working together to uncover the full scale of the operation and identify those responsible.