In brief
- Maryland man Minh Phuong Ngoc Vong has been sentenced to 15 months in jail for helping North Korea insert IT workers in U.S. tech firms.
- Ngoc Vong obtained U.S. tech jobs on behalf of overseas conspirators, likely including a North Korean national.
- The scheme gave foreign operatives unauthorized access to sensitive government systems, including those tied to national defense.
A man in Maryland has become the latest American sentenced for helping North Korea to covertly place IT workers inside U.S. companies.
Minh Phuong Ngoc Vong, 40, received a 15-month prison sentence and three years of supervised release on Thursday.
Between 2021 and 2024, Vong used false credentials to secure jobs with at least 13 U.S. companies. Those employers collectively paid him more than $970,000 for software development work that was actually performed by an overseas co-conspirator known as “John Doe” or by other foreign operatives, all thought to be North Korean citizens.
Several of these companies also contracted Vong’s services to U.S. government agencies, including the Federal Aviation Administration (FAA). As a result, the conspirators gained unauthorized access—operating from China—to sensitive government systems.
North Korea’s infiltration campaign
His sentencing comes amid a wide-ranging effort by North Korea to embed workers in U.S. companies including crypto firms.
U.S. attempts to counter the infiltration campaign include charges levelled in January against two North Korean nationals and three facilitators, as well as nationwide efforts to dismantle “laptop farms” launched in June. These setups, located in U.S. homes, allow overseas North Korean IT workers to disguise their true locations by remotely controlling laptops issued by American companies to supposedly U.S.-based employees.
In December 2024, a federal court in St. Louis indicted 14 North Koreans for a long-running scheme to extort U.S. companies and funnel money to Pyongyang’s weapons programs.
And in July, Tiktok influencer Christina Chapman was sentenced to more than eight years in prison for stealing the identities of 68 Americans and helping foreign IT workers use them to obtain jobs at more than 300 companies. Investigators say the scheme generated $17 million sent back to North Korea.
“North Korea remains intent on funding its weapons programs by defrauding U.S. companies and exploiting American victims of identity theft, but the FBI is equally intent on disrupting this massive campaign and bringing its perpetrators to justice,” assistant director Roman Rozhavsky of the FBI Counterintelligence Division said following the June operation.
“North Korean IT workers posing as U.S. citizens fraudulently obtained employment with American businesses so they could funnel hundreds of millions of dollars to North Korea’s authoritarian regime. The FBI will do everything in our power to defend the homeland and protect Americans from being victimized by the North Korean government, and we ask all U.S. companies that employ remote workers to remain vigilant to this sophisticated threat.”
Vong worked with Doe, believed to be a North Korean living in Shenyang, China, roughly 460 kilometers from the North Korean border. Doe submitted applications under Vong’s name, falsely claiming a bachelor’s degree and 16 years of software development experience. In at least one case, he applied to a Virginia-based company that required U.S. citizenship as a condition of employment.
Once Vong secured a position, he provided his credentials to the overseas workers, who carried out the job remotely.
The Virginia company ultimately assigned Vong to work as a contractor for the FAA on a software application used by multiple U.S. agencies to manage sensitive national defense information, according to the Justice Department. Doe performed the work under Vong’s identity, generating more than $28,000 in earnings, part of which Vong transferred abroad.
Vong entered a plea agreement on January 30, 2023.
North Korean hacks
Employment infiltration is one among several revenue streams for North Korea’s cyber operations. Another is gaining access to companies holding crypto through employment and then hacking their wallets.
The country’s crypto-hacking groups have stolen more than $2 billion in 2025 alone, according to blockchain analytics firm Elliptic, bringing total stolen digital assets in recent years by the regime to more than $6 billion. The funds, from hacks including those of crypto exchanges Bybit and Upbit, finance North Korea’s nuclear and missile programs.
Daily Debrief Newsletter
Start every day with the top news stories right now, plus original features, a podcast, videos and more.
Source: https://decrypt.co/351103/maryland-man-sentenced-for-helping-north-korea-infiltrate-u-s-tech-firms
