North Korean remote IT worker scam operation targeting American companies
Campaign
Summary
Hide ▲
Show ▼
A long-running North Korean remote IT worker scam operation used stolen identities and fake placements to embed operators inside more than 100 American companies. The campaign supported DPRK revenue generation and insider access, with facilitators helping workers appear based in the US while using remote access and other concealment methods.
Related Happenings
U.S. Treasury sanctions Kok An scam network
Regulatory/Legal Action
First: 04.05.2026 08:59
Last: 04.05.2026 08:59
Sources 1
About this happening:
The **U.S. Treasury Department** sanctioned **Cambodian Senator Kok An** and affiliates tied to **cyber scam compounds**, escalating financial and legal pressure on a network accu...
U.S. Treasury sanctions Kok An scam network
Regulatory/Legal ActionAbout this happening: The **U.S. Treasury Department** sanctioned **Cambodian Senator Kok An** and affiliates tied to **cyber scam compounds**, escalating financial and legal pressure on a network accu...
Albanian scam call centers investment-fraud campaign
Campaign
First: 30.04.2026 13:00
Last: 30.04.2026 13:00
Sources 1
About this happening:
A **two-year investment-fraud campaign** tied to **Albanian scam call centers** has been disrupted after **10 arrests**, revealing a coordinated operation that allegedly stole **a...
Albanian scam call centers investment-fraud campaign
CampaignAbout this happening: A **two-year investment-fraud campaign** tied to **Albanian scam call centers** has been disrupted after **10 arrests**, revealing a coordinated operation that allegedly stole **a...
DoJ/FBI/USSS crypto-fraud domain seizure and charges
Law Enforcement
First: 27.04.2026 18:00
Last: 27.04.2026 18:00
Sources 1
About this happening:
**DoJ**, **FBI**, and **US Secret Service** investigators **seized 503 domains** linked to **fraudulent crypto platforms**, disrupting infrastructure used in a Cambodia-based scam...
DoJ/FBI/USSS crypto-fraud domain seizure and charges
Law EnforcementAbout this happening: **DoJ**, **FBI**, and **US Secret Service** investigators **seized 503 domains** linked to **fraudulent crypto platforms**, disrupting infrastructure used in a Cambodia-based scam...
OFAC sanctions Cambodian crypto-fraud network
Regulatory/Legal Action
First: 27.04.2026 18:00
Last: 27.04.2026 18:00
Sources 1
About this happening:
US sanctions now target **Senator Kok An** and **29 individuals and organizations** tied to alleged **crypto-fraud**, blocking **US-based assets** and restricting transactions wit...
OFAC sanctions Cambodian crypto-fraud network
Regulatory/Legal ActionAbout this happening: US sanctions now target **Senator Kok An** and **29 individuals and organizations** tied to alleged **crypto-fraud**, blocking **US-based assets** and restricting transactions wit...
US Scam Center Strike Force indictments and domain seizures against scam centers
Law Enforcement
First: 24.04.2026 19:48
Last: 24.04.2026 19:48
Sources 1
About this happening:
US authorities **indicted** two people and **seized** scam infrastructure in a **financial-fraud** case targeting Southeast Asian scam centers, disrupting operations used to scam...
US Scam Center Strike Force indictments and domain seizures against scam centers
Law EnforcementAbout this happening: US authorities **indicted** two people and **seized** scam infrastructure in a **financial-fraud** case targeting Southeast Asian scam centers, disrupting operations used to scam...
Timeline
-
16.04.2026 19:00 4 articles · 1mo ago
US Justice Department sentences Kejia Wang and Zhenxing Wang for North Korean IT worker scam
Legal Policy Action UpdateThe US Justice Department announced that Kejia Wang, 42, and Zhenxing Wang, 39, were sentenced for helping run North Korean remote IT worker scams that used stolen identities of at least 80 American citizens to deceive more than 100 American companies and generate more than $5m for the DPRK.
Show sources
- US Nationals Jailed for Operating Fake Remote Worker Laptop Farms for North Korea — www.infosecurity-magazine.com — 16.04.2026 19:00
- US Nationals Jailed for Operating Fake Remote Worker Laptop Farms for North Korea — www.infosecurity-magazine.com — 16.04.2026 19:00
- US: Five Plead Guilty in North Korean IT Worker Fraud Scheme — www.infosecurity-magazine.com — 17.11.2025 13:15
- Japan, South Korea Take Aim at North Korean IT Worker Scam — www.darkreading.com — 04.09.2025 04:00
-
16.04.2026 19:00 1 articles · 1mo ago
Public reporting details the multi-year North Korean remote IT worker scheme
Campaign Scope UpdateThe multi-year campaign used stolen identities to obtain remote IT worker roles at more than 100 organizations, including several Fortune 500 companies, and gave North Korean operators remote access to company laptops so they could steal sensitive data and source code from firms including military contractors and AI companies.
Show sources
- US Nationals Jailed for Operating Fake Remote Worker Laptop Farms for North Korea — www.infosecurity-magazine.com — 16.04.2026 19:00