U.S. seizes additional crypto linked to North Korea’s illegal network

Posted on by

**U.S. Department of Justice Convicts Several in Scheme Aiding North Korea’s Fraudulent Digital Asset Gains**

The U.S. Department of Justice (DOJ) announced on Friday the conviction of several criminals involved in schemes that helped the Democratic People’s Republic of Korea (DPRK) illicitly obtain large amounts of digital assets. The DOJ also successfully recovered approximately $15 million in proceeds tied to remote information technology (IT) work and a cryptocurrency heist.

According to the DOJ, North Korea uses such fraudulent schemes to finance its weapons programs and other priorities, in direct violation of international sanctions. Investigations revealed that facilitators based in the U.S. and Ukraine assisted North Korean actors in securing remote IT employment with U.S. companies, furthering these illicit gains.

### U.S. Nationals Plead Guilty to Wire Fraud Conspiracy

Court documents linked to five guilty pleas show that the hackers’ schemes affected over 136 U.S. victim companies, generating more than $2.2 million in revenue for the DPRK regime. The fraudulent activities also compromised the identities of more than 18 U.S. citizens.

The DOJ further disclosed that a North Korean hacking group known as Advanced Persistent Threat 38 (APT38) executed a multimillion-dollar cryptocurrency heist across four overseas digital asset platforms in 2023. The U.S. government is now seeking to return the seized virtual currency—valued at over $15 million—to the rightful owners.

“Hostile nation-states raising funds for illicit programs by stealing from digital asset exchanges threatens both national security and economic stability,” said Mathew Galeotti, Acting Assistant Attorney General of the Justice Department’s Criminal Division. “The Criminal Division is steadfast in its determination to forfeit ill-gotten gains from bad actors and return funds to victims.”

### Details of the Fraudulent Scheme

Court filings from the U.S. District Court for the Southern District of Georgia revealed that U.S. nationals Audricus Phagnasay, Jason Salazar, and Alexander Paul Travis pleaded guilty to one count of wire fraud conspiracy.

Authorities found that Phagnasay and Travis knowingly provided their U.S. identities to remote IT workers located outside the country, enabling those workers to fraudulently apply for and obtain employment with U.S. companies.

Additionally, the trio hosted laptops provided by the victim companies at their residences and installed unauthorized remote access software. This setup created the false impression that the remote IT workers were legitimately working from the defendants’ homes.

The defendants also facilitated completion of employer vetting procedures on behalf of the remote workers. Notably, both Travis and Salazar appeared for drug testing intended for the remote employees.

### Court-Imposed Fines

The court fined Alexander Paul Travis at least $51,397 for his role in the scheme. Audricus Phagnasay and Jason Salazar were fined approximately $3,450 and $4,500, respectively.

U.S. Attorney Margaret Heap for the Southern District of Georgia praised the cooperation among U.S. law enforcement agencies in uncovering, investigating, and prosecuting those involved in the fraudulent activities.

### Additional Guilty Pleas and Charges

Ukrainian national Oleksandr Didenko also pleaded guilty earlier this week to one count each of wire fraud conspiracy and aggravated identity theft. The U.S. District Court for the District of Columbia revealed that Didenko’s IT worker clients were paid hundreds of thousands of dollars by U.S. companies for their work.

Didenko agreed to forfeit more than $1.4 million, including about $570,000 in both fiat currency and digital assets seized from him and his co-conspirators.

Furthermore, U.S. national Erick Ntekereze Prince pleaded guilty on November 6 to one count of wire fraud conspiracy. The Southern District of Florida court uncovered that Prince’s company, Taggcar Inc., supplied purportedly certified IT workers to U.S. companies between June 2020 and August 2024. Prince knowingly hosted U.S. company-provided laptops used by IT workers employing stolen or false identities to secure employment.

In January 2025, Prince, U.S. national Emanuel Ashtor, and Mexican national Pedro Ernesto Alonso de los Reyes were charged for their participation in the scheme. The fraudulent IT worker operation generated over $943,000 in salary payments from U.S. companies.

Currently, Pedro Ernesto Alonso de los Reyes is awaiting extradition from the Netherlands, while Emanuel Ashtor’s trial is pending.

*Claim your free seat in an exclusive crypto trading community limited to 1,000 members.*
https://bitcoinethereumnews.com/crypto/u-s-seizes-additional-crypto-linked-to-north-koreas-illegal-network/

Leave a Reply

Your email address will not be published. Required fields are marked *