Ukrainian man jailed for identity theft that helped North Koreans get jobs at US companies

TechCrunch · Feb 20, 2026 · Collected from RSS

Full Article

A U.S. federal court has sentenced a Ukrainian man to five years in prison for his part in a long-running identity theft operation that helped overseas North Korean workers gain fraudulent employment at dozens of U.S. companies. U.S. prosecutors brought charges in 2024 against Oleksandr Didenko, 29, a resident of Kyiv, for setting up North Koreans with stolen identities of U.S. citizens to get hired and earn a wage. Under this scheme, the workers’ earnings were funneled back to Pyongyang, which the regime used to fund its internationally sanctioned nuclear weapons program. This is the latest in a string of recent convictions of individuals involved in facilitating ongoing North Korean so-called “IT worker” schemes. Security researchers have described North Korean workers as a “triple threat” to U.S. and Western businesses, as they violate U.S. sanctions, all the while enabling North Koreans to steal sensitive company data, and then later extort those victim companies into not publicly releasing corporate secrets. Prosecutors said Didenko ran a website called Upworksell, which allowed people working overseas, including North Koreans, to buy or rent stolen identities for gaining employment with U.S. firms. Didenko handled more than 870 stolen identities, per the Justice Department. The FBI seized Upworksell in 2024 and diverted its traffic to its own servers. Polish authorities arrested Didenko, who was then extradited to the U.S. and later pleaded guilty. A screenshot showing Upworksell’s website at the time it was seized by the FBI. (ImagE: TechCrunch/screenshot) In a statement this week, the U.S. Department of Justice said Didenko also paid people to receive and host computers at their homes in California, Tennessee, and Virginia. These “laptop farms” are rooms containing racks of open laptops, allowing North Koreans to remotely perform their work as if they were physically in the United States. Security giant CrowdStrike said last year that it has seen a sharp rise in the number of North Korean workers infiltrating companies, often as remote developers or other technical software engineering jobs. The scheme is among many that the North Korean regime uses to enrich itself, while unable to use the global financial system, thanks to international sanctions. North Koreans are also known to impersonate recruiters and VCs in efforts to trick unsuspecting high-profile and net-worth victims into granting access to their computers, including crypto. Zack Whittaker is the security editor at TechCrunch. He also authors the weekly cybersecurity newsletter, this week in security. He can be reached via encrypted message at zackwhittaker.1337 on Signal. You can also contact him by email, or to verify outreach, at zack.whittaker@techcrunch.com. View Bio