Maryland man sentenced to 15 months for helping North Korean hackers infiltrate US tech firms

A man in Maryland has been sentenced to a 15-month prison sentence and three years of supervised release after a revelation that he has been helping North Korea to place IT workers inside US companies covertly.

For a cool 3 years, Minh Phuong Ngoc Vong used false credentials to secure jobs with at least 13 US companies. These employers collectively paid him more than $970,000 for software development work that was actually performed by an overseas co-conspirator.

North Koreans get their hands on sensitive US government systems

According to court documents, Vong conspired with others, including John Doe, aka William James, a foreign national living in Shenyang, China, to hire Vong as a remote software developer. 

In fact, 2 years ago, Vong participated in an online job interview with the CEO of a Virginia-based company. He verified his identity and citizenship by showing his Maryland driver’s license and US passport. 

Following the interview, the company hired Vong and assigned him to work on a contract for the Federal Aviation Administration (FAA) involving a particular software application used by various US government agencies to manage sensitive information regarding national defense matters.

The company provided Vong with a laptop to use in connection with his employment, and the FAA authorized Vong to receive a Personal Identity Verification card to access government facilities and systems. Vong installed remote access software on the laptop to facilitate Doe’s access to it and conceal his location in China.

The company paid Vong more than $28,000 in wages for work he performed, portions of which Vong then sent overseas to Doe and other conspirators. Additionally, Vong allowed Doe and others to use his computer access credentials to perform the remote software development work and receive payment for that work. 

The resume falsely represented that Vong possessed a Bachelor of Science degree and 16 years of experience as a software developer. However, Vong did not have a college degree or experience in software development.

The court documents reveal that Vong was aware that Doe was located near North Korea. Doe’s communications show that he is likely a North Korean national who was working to generate revenue for the North Korean government. To that end, the court has reasons to believe that the conspirators gained unauthorized access to sensitive government systems.

North Korea increased its illicit cyber operations 

Employment infiltration is one among several revenue streams for North Korea’s cyber operations. The US has put on efforts to counter the infiltration campaign, including nationwide efforts to dismantle “laptop farms” launched in June. These setups, located in US homes, allow overseas North Korean IT workers to disguise their true locations by remotely controlling laptops issued by American companies to supposedly US-based employees.

“North Korea remains intent on funding its weapons programs by defrauding U.S. companies and exploiting American victims of identity theft, but the FBI is equally intent on disrupting this massive campaign and bringing its perpetrators to justice,” assistant director Roman Rozhavsky of the FBI Counterintelligence Division stated.

Last year, a federal court in St. Louis indicted 14 North Koreans for a long-running scheme to extort US companies and funnel money to Pyongyang’s weapons programs.

Besides infiltration, North Koreans scheme fraud by gaining access to companies holding crypto through employment and then hacking their wallets.  

According to blockchain analytics firm Elliptic, the country’s crypto-hacking groups have stolen approximately $2 billion in 2025 alone. This brought the total stolen digital assets in recent years by the regime to more than $6 billion. The funds, from hacks including those of crypto exchanges Bybit and Upbit, finance North Korea’s nuclear and missile programs.

However, as reported by Cryptopolitan, North Korea is allegedly using banned Nvidia GPUs to enhance its crypto theft schemes. According to recent analysis, researchers have revealed that the country has accumulated research on artificial intelligence since the late 90s, focusing on pattern recognition, speech processing, and data optimization.

The smartest crypto minds already read our newsletter. Want in? Join them.