Save up to $680 on your pass with Super Early Bird rates. REGISTER NOW .
Save up to $680 on your Disrupt 2026 pass. Ends February 27. REGISTER NOW .
TechCrunch Desktop Logo TechCrunch Mobile Logo Latest Startups Venture Apple Security AI Apps Events Podcasts Newsletters Search Submit Site Search Toggle Mega Menu Toggle Topics Latest
Ukrainian man jailed for identity theft that helped North Koreans get jobs at US companies Zack Whittaker 9:38 AM PST · February 20, 2026 A U.S. federal court has sentenced a Ukrainian man to five years in prison for his part in a long-running identity theft operation that helped overseas North Korean workers gain fraudulent employment at dozens of U.S. companies.
U.S. prosecutors brought charges in 2024 against Oleksandr Didenko, 29, a resident of Kyiv, for setting up North Koreans with stolen identities of U.S. citizens to get hired and earn a wage. Under this scheme, the workers’ earnings were funneled back to Pyongyang, which the regime used to fund its internationally sanctioned nuclear weapons program.
This is the latest in a string of recent convictions of individuals involved in facilitating ongoing North Korean so-called “IT worker” schemes . Security researchers have described North Korean workers as a “triple threat” to U.S. and Western businesses, as they violate U.S. sanctions, all the while enabling North Koreans to steal sensitive company data, and then later extort those victim companies into not publicly releasing corporate secrets.
Prosecutors said Didenko ran a website called Upworksell, which allowed people working overseas, including North Koreans, to buy or rent stolen identities for gaining employment with U.S. firms. Didenko handled more than 870 stolen identities, per the Justice Department.
The FBI seized Upworksell in 2024 and diverted its traffic to its own servers. Polish authorities arrested Didenko, who was then extradited to the U.S. and later pleaded guilty.
In a statement this week , the U.S. Department of Justice said Didenko also paid people to receive and host computers at their homes in California, Tennessee, and Virginia. These “laptop farms” are rooms containing racks of open laptops, allowing North Koreans to remotely perform their work as if they were physically in the United States.
Security giant CrowdStrike said last year that it has seen a sharp rise in the number of North Korean workers infiltrating companies, often as remote developers or other technical software engineering jobs. The scheme is among many that the North Korean regime uses to enrich itself, while unable to use the global financial system, thanks to international sanctions.
North Koreans are also known to impersonate recruiters and VCs in efforts to trick unsuspecting high-profile and high-net-worth victims into granting access to their computers, including crypto.
Zack Whittaker Security Editor
Zack Whittaker is the security editor at TechCrunch. He also authors the weekly cybersecurity newsletter, this week in security .
He can be reached via encrypted message at zackwhittaker.1337 on Signal. You can also contact him by email, or to verify outreach, at [email protected] .
October 13-15 San Francisco, CA Save up to $680 on your pass before February 27. Meet investors. Discover your next portfolio company. Hear from 250+ tech leaders , dive into 200+ sessions , and explore 300+ startups building what’s next. Don’t miss these one-time savings.
___________________________________________________________________________________________________________
-- --
PLEASE LIKE IF YOU FOUND THIS HELPFUL TO SUPPORT OUR FORUM.
