A Maryland resident has been sentenced to 15 months in federal prison for helping North Korean operatives infiltrate the U.S. tech sector through fraudulent remote IT positions—an effort that ultimately exposed sensitive government systems to overseas actors.
Forty-year-old Minh Phuong Ngoc Vong was also given three years of supervised release after admitting to participating in an elaborate scheme that enabled foreign operatives—believed to be North Korean citizens—to obtain high-paying software development roles using his identity. According to the U.S. Department of Justice, Vong acted as the face of the operation from 2021 to 2024, allowing his credentials to be used to secure jobs at more than a dozen American companies. Those firms paid out over $970,000 for work completed not by Vong, but by overseas conspirators operating primarily from China.
Authorities said one of the main actors, referred to as “John Doe,” likely a North Korean national based in Shenyang, carried out the bulk of the tasks after submitting job applications in Vong’s name. Doe fabricated a technical résumé that included a degree Vong did not have and 16 years of experience Vong never earned. Several employers later contracted Vong—believing him to be a legitimate U.S. developer—to work on government projects, including software used by the Federal Aviation Administration. This provided North Korean operatives with unauthorised access to systems tied to national defence.
The case is part of a broader crackdown on North Korea’s covert global IT workforce, which U.S. agencies say has become a significant source of revenue for Pyongyang. Earlier this year, federal prosecutors charged multiple North Korean nationals and facilitators in similar schemes. Authorities also launched nationwide raids on so-called “laptop farms,” where U.S. residents were paid to host corporate-issued laptops that foreign workers then accessed remotely to make it appear as though they were working from within the United States.
The Justice Department has pursued several related cases, including the July sentencing of TikTok personality Christina Chapman, who received more than eight years in prison for helping North Korean operatives use stolen identities to secure jobs at more than 300 companies—a scheme that investigators say generated $17 million for the sanctioned regime.
The FBI has warned that these operations represent a sophisticated national security threat. Assistant Director Roman Rozhavsky emphasised that North Korea is aggressively exploiting U.S. remote-work systems to funnel money into its weapons programs and urged companies to remain alert to suspicious hiring patterns.
These employment schemes operate alongside North Korea’s notorious crypto-hacking campaigns. Analysts estimate that its cyber groups have stolen more than $2 billion in digital assets in 2025 alone, targeting major exchanges in attacks that continue to help fund the country’s nuclear and missile development.
