Two US Nationals Sentenced to 18 Months for Hosting Laptops in DPRK IT Worker Fraud
Matthew Issac Knoot of Nashville, Tennessee, and Erick Ntekereze Prince of New York each received 18-month prison sentences for receiving and hosting laptop computers that US companies shipped to addresses the defendants maintained. The scheme allowed Democratic People’s Republic of Korea IT workers to pose as US-based employees and generate revenue for the DPRK government.
fonearena.comA US Department of Justice announcement on May 6, 2026, states that Matthew Issac Knoot of Nashville, Tennessee, and Erick Ntekereze Prince of New York were each sentenced to 18 months in prison for facilitating fraudulent remote information technology worker schemes that generated revenue for the Democratic People’s Republic of Korea.
The two men operated in separate cases. Both received and hosted laptop computers at their residences that victim US companies shipped to IT workers the companies believed were located at the defendants’ addresses. The Justice Department release identifies the conduct as enabling DPRK nationals to work for US firms while concealing their location and nationality, in violation of US sanctions.
Scope of the conduct centers on two US nationals directly supporting the DPRK revenue scheme. The Justice Department release does not specify the number of victim companies or total revenue generated in these cases. It notes the laptops were shipped to the defendants’ homes as part of the deception that the workers were physically present in the United States.
The sentencings conclude the judicial phase for Knoot and Prince. Both men now begin serving 18-month terms. The cases form part of broader US enforcement against DPRK IT worker fraud networks that allow sanctioned entities to earn hard currency through remote employment scams.
Downstream, the sentences trigger standard Bureau of Prisons processing and potential asset forfeiture actions tied to the fraud. Companies that fell victim to the schemes must review internal hiring controls to prevent future remote-worker deception.
Federal agencies continue to pursue similar cases, which require coordination between the Justice Department, Treasury sanctions authorities, and private-sector compliance teams. The enforcement also places pressure on technology firms to strengthen geolocation and identity verification for remote IT roles.
This is the latest Justice Department action against US-based facilitators of DPRK IT worker schemes. The department has brought multiple cases in recent years that document how DPRK operatives use false identities and US addresses to bypass sanctions and earn revenue for the Pyongyang government.
The original remote-worker fraud model dates back years, with the Justice Department and Treasury repeatedly warning companies about the tactic.
Coverage spread
Substrate’s article above is written from the primary record. Below: how mainstream outlets reported the same event.
No mainstream coverage of this story has surfaced yet.
Transparency Panel
Related Stories
Al JazeeraTrump Meets Advisers to Decide on Iran Ceasefire Extension
President Trump said he is holding a Situation Room meeting to make a final decision on a possible deal with Iran. The proposed agreement would extend the ceasefire by 60 days and reopen the Strait of Hormuz.
rediff.comTrump to Decide on Iran Deal in Situation Room Meeting
President Trump said Friday he is heading into the Situation Room to make a final determination on a potential agreement with Iran. The proposed deal would reopen the Strait of Hormuz without tolls and require destruction of Iran's highly-enriched uranium.
realitytea.comTrump Says U.S. Will Lift Iran Naval Blockade After Nuclear and Hormuz Pledges
President Trump stated the U.S. will end its naval blockade of Iran once Tehran commits to forgoing nuclear weapons and opens the Strait of Hormuz to unrestricted shipping. The announcement came via Truth Social and a live statement.