Five individuals have pleaded guilty to aiding North Korea in its fraudulent schemes, including remote IT worker fraud and cryptocurrency theft. The U.S. Department of Justice revealed that these individuals, four Americans and one Ukrainian, used stolen and fake identities to facilitate hiring North Korean agents for remote work at American companies. This operation impacted 136 firms and generated over $2.2 million for North Korea. Among those guilty, Oleksandr Didenko was involved in wire-fraud conspiracy and aggravated identity theft, selling stolen U.S. identities to overseas IT workers who then worked at 40 U.S. companies. Erick Ntekereze Prince, through his company Taggcar Inc., placed workers using stolen identities in 64 U.S. firms, causing damages exceeding $943,000. The others—Audricus Phagnasay, Jason Salazar, and Alexander Paul Travis—also engaged in similar schemes, collectively causing $1.28 million in damages. The DOJ is seeking to forfeit $15 million in cryptocurrency linked to these activities, specifically from the APT38 threat group associated with the Lazarus hacking group. This group has conducted significant cyber-heists, stealing $382 million from cryptocurrency exchanges in Panama, Estonia, and Seychelles in 2023. Authorities have already seized $15 million and continue efforts to track down additional stolen funds. Didenko will forfeit $570,000 in cash and $830,000 in cryptocurrency as part of his guilty plea.