Financial Crime World

FBI Busts International Identity Theft Ring Linked to North Korean Hackers

A Significant Blow to International Cybercrime

The FBI has announced the arrest of two individuals allegedly linked to North Korea’s IT workers who used stolen identities and fake documents to secure jobs at major US companies. The operation also resulted in the seizure of funds and equipment worth millions.

The Investigation Unfolds

According to court documents, Ukrainian national Andrii Didenko, 43, was arrested on May 6 at the request of the United States, which is seeking his extradition from Poland. Didenko’s company, upworksell.com, which advertised creating, buying, and renting accounts at US job search platforms using false identities, was seized by the Justice Department.

  • The investigation revealed that Didenko’s IT workers used laptop farms in the US to access computer networks of major companies, posing as US citizens.
  • The FBI executed search warrants on several of these laptop farms in early May.

Ukrainian national Olexandr Didenko (no relation to Andrii), 35, was charged with creating and selling false identities, including those of US persons, to overseas IT workers. His website advertised “Credit Card Rental” services in the EU and US, as well as SIM card rental for cellular phones.

The FBI’s Investigation Reveals a Larger Network

The FBI’s investigation revealed that Didenko’s laptop farms hosted up to 871 proxy identities and facilitated the operation of at least three U.S.-based laptop farms, with one customer requesting a laptop be sent from one farm to another. The interconnectivity between these cells suggests a larger network of North Korean IT workers.

Serious Charges and Potential Prison Sentences

The defendants face serious charges, including aggravated identity theft, money laundering, and conspiracy. If convicted, they could face prison sentences ranging from 20 years to over 100 years.

International Cooperation Crucial in Combating Cybercrime

The FBI’s investigation was assisted by the IRS-CI Phoenix Field Office, the Chicago Field Office, and several other agencies. The US Attorney’s Offices for the District of Columbia, Arizona, California, Tennessee, and Virginia also provided support.

This case highlights the ongoing threat posed by North Korean IT workers and underscores the need for international cooperation to combat cybercrime.