A 29-year-old Ukrainian national has been sentenced to five years in prison in the United States for aiding North Korea’s information technology (IT) worker fraud scheme.
In November 2025, Oleksandr “Alexandr” Dydenko pled guilty to wire fraud conspiracy and aggravated identity theft for stealing the identities of U.S. citizens and selling them to IT workers to help them get jobs and regular paychecks at 40 U.S. companies, with the proceeds returned to the regime to support weapons programs. He was arrested by Polish authorities in late 2024 and subsequently extradited to the United States.
Didenko was also ordered to serve 12 months of supervised release and pay $46,547.28 in restitution. Last year, Didenko also agreed to forfeit more than $1.4 million, including approximately $181,438 in U.S. dollars and cryptocurrencies seized from him and his co-conspirators.
The defendant allegedly operated a website named Upworksell.[.]com has been helping overseas IT workers buy or rent stolen or borrowed IDs since early 2021. IT workers misused these identities to apply for jobs on freelance job platforms based in California and Pennsylvania. This location was seized by authorities on May 16, 2024.
Additionally, Didenko paid individuals in the United States to pick up and host laptops at their residences in Virginia, Tennessee, and California. The idea was to give the impression that the workers were in the country, when in fact they were connecting remotely from the country they were being deployed to, such as China.
As part of his criminal scheme, Didenko controlled 871 proxy identities to facilitate the operation of at least three U.S.-based laptop farms. One of the computers was sent to a laptop farm run by Christina Marie Chapman in Arizona. Chapman was arrested in May 2024 for his role in the scheme and sentenced to 102 months in prison in July 2025.
Additionally, he allowed North Korean customers to access the U.S. financial system through money service transmitters instead of opening accounts at banks in the United States. These money transfer services were used to transfer employment income to foreign bank accounts. Officials said Didenko’s clients were paid hundreds of thousands of dollars for the work.
“Didenko’s scheme funneled funds from Americans and American companies into the coffers of a hostile regime, North Korea,” said U.S. Attorney Jeanine Ferris Pirro. “Today, North Korea not only threatens the homeland from afar, but is also an enemy at home.”
“North Korean actors are using stolen and fraudulent personal information to infiltrate U.S. businesses and steal information, licenses, and data that are harmful to any business. But more than that, the money paid to these so-called employees goes directly to North Korea’s military programs.”
Despite continued efforts by law enforcement, the Hermit Kingdom conspiracy shows no signs of slowing down. Rather, the operation continues to evolve, introducing new tactics and techniques to evade detection.
According to a report last week from threat intelligence firm Security Alliance (SEAL), IT employees began applying for remote positions using the real LinkedIn accounts of spoofed individuals to make fraudulent applications appear genuine.
Source link
