Maryland Man Receives Sentence for Assisting North Korea in Infiltrating U.S. Tech Companies

A Maryland man has been sentenced for assisting North Korea in secretly placing IT workers inside American companies. Minh Phuong Ngoc Vong, 40, received 15 months in prison along with three years of supervised release on Thursday.

From 2021 to 2024, Vong used fraudulent credentials to gain employment at at least 13 U.S. companies. These companies collectively paid him over $970,000 for software development tasks, which were actually completed by an overseas co-conspirator known as John Doe or other foreign operatives believed to be North Korean nationals.

Several of the firms also contracted Vong for projects with U.S. government agencies, including the Federal Aviation Administration (FAA). This allowed the conspirators, operating from China, to access sensitive government systems without authorization.

North Korea's Ongoing Infiltration Efforts

Vongs sentencing occurs amid North Koreas broader campaign to place workers in U.S. companies, including those in the cryptocurrency sector. U.S. authorities have been countering these operations, including charges filed in January against two North Korean nationals and three facilitators, as well as efforts to dismantle laptop farms in American homes. These setups enable North Korean IT operatives to remotely control laptops assigned to employees who appear to be U.S.-based.

In December 2024, a federal court in St. Louis indicted 14 North Koreans for a scheme to extort U.S. companies and funnel funds to Pyongyangs weapons programs. Earlier, a TikTok influencer was sentenced to over eight years for helping foreign IT workers obtain jobs in the U.S. using stolen identities, a scheme that sent $17 million back to North Korea.

North Korea continues to fund its weapons programs by defrauding U.S. companies and exploiting identity theft victims, but the FBI is committed to disrupting these operations and holding perpetrators accountable, said Roman Rozhavsky, assistant director of the FBI Counterintelligence Division. North Korean IT workers pretending to be U.S. citizens have funneled hundreds of millions of dollars to Pyongyang. The FBI urges all companies hiring remote workers to stay alert to this threat.

Details of the Scheme

Vong collaborated with Doe, who is believed to live in Shenyang, China, approximately 460 kilometers from North Koreas border. Doe submitted job applications in Vongs name, falsely claiming a bachelors degree and 16 years of experience. In at least one instance, he applied to a Virginia company requiring U.S. citizenship.

After Vong secured the positions, he provided credentials to the overseas workers, who completed the tasks remotely. One assignment involved working as a contractor for the FAA on software used by multiple U.S. agencies to manage sensitive national defense information. Doe completed the work under Vongs identity, earning more than $28,000, some of which Vong sent abroad.

Vong entered a plea agreement on January 30, 2023.

North Koreas Cyber Revenue Streams

Employment infiltration is just one source of income for North Koreas cyber operations. Another involves gaining access to cryptocurrency companies and hacking their wallets. In 2025 alone, North Korean-linked groups reportedly stole more than $2 billion in digital assets, bringing total thefts in recent years to over $6 billion. The funds support the countrys nuclear and missile programs.

Author: Harper Simmons