U.S. Judge Imposes 9-Year Sentence on New Jersey Man in North Korea-Linked IT Fraud Case

A federal judge in Massachusetts sentenced Kejia “Tony” Wang, a 42-year-old husband and father from New Jersey, to nine years in prison this month for spearheading an international fraud operation that placed North Korean IT workers in tech jobs at more than 100 American companies, including Fortune 500 firms.

Over three years, Wang’s network stole the identities of more than 80 Americans, forged fake social security cards and California driver’s licenses with photos of the North Korean operatives, filed false employment forms with the Department of Homeland Security, and doctored tax documents that went to the IRS and Social Security Administration.

The scheme generated more than $5 million in salary payments from the victim companies, and the fallout caused at least $3 million in legal fees and computer clean-up costs at businesses in 28 states and the District of Columbia, according to court records.

Zhenxing Wang, 39, a friend of Kejia Wang since both arrived from China nearly 20 years ago, was sentenced to nearly eight years in prison. The court ordered Kejia Wang and Zhenxing Wang to forfeit $600,000 collectively that they were paid from their part in the fraud.

The sentences bring the number of Americans convicted for aiding North Korean leader Kim Jong Un’s government to at least seven since last year.

S. Army soldier, an Arizona woman, a nail technician from Maryland, and two men from California. All earned thousands of dollars for helping North Koreans collect millions in salary for doing remote IT jobs. The wave of sentencing began in 2025 with a guilty plea by a woman who helped her North Korean handlers get jobs at companies, raking in millions.

The salaries are diverted to Kim’s government to pay for nuclear weapons development, officials say. “North Korea turns around and uses the money it steals through these operations to fund the unlawful development of weapons of mass destruction—nuclear bombs, for example, and ballistic missiles with which to target the United States and our allies,” stated Jonathan Fritz, principal deputy assistant secretary of state for East Asia Pacific affairs.

Fritz spoke at a UN committee meeting on the North Korean fraud scheme in January.

S. 8 billion in the past two years to help fund the country’s nuclear weapon ambitions, according to the UN’s Multilateral Sanctions Monitoring Committee. The committee, which tracks DPRK sanctions violations and evasion tactics, revealed in January that the scheme has now victimized 40 countries around the globe.

A large portion of that total is the result of crypto theft, but the IT worker scheme reliably generates $250 million to $600 million per year in fraudulent salaries, the UN has found. “North Koreans are taking American jobs, and they’re stealing cryptocurrency from American owners of said cryptocurrency,” stated Fritz. S.

company into hiring them—often for remote jobs with salaries in the hundreds of thousands of dollars range,” Fritz added.

AI converted a North Korean accent into a convincing American-sounding voice during live job interviews, according to Evan Gordenker of cybersecurity firm Palo Alto Networks. Gordenker described this tactic at the UN committee meeting in January. “Your citizens are competing against a mechanized system that has been honed over years of training to exploit how we hire,” Gordenker told delegates at the UN committee meeting in January.

Insider intelligence firm DTEX had 87 North Korean IT workers apply for jobs in recent years, according to Michael “Barni” Barnhart. Barnhart and other investigators set up an operation in 2024 to lure DPRK IT workers and American facilitators. A partner created a front company and posted job listings as part of the 2024 operation.

A candidate applied claiming to hail from Austin, Texas. Barnhart spoke during a DTEX panel in San Francisco in March. A young man named “David” walked into the facility in person, presented a real government-issued ID, signed the paperwork, and passed the screening.

David appeared to be a college student at the time, according to Barnhart. When Barnhart’s operation shipped a company laptop to David in Texas, David said he’d moved and asked that it be routed to Moorhead, Minnesota instead. A man named “Aaron” accepted the package under David’s name in Moorhead, Minnesota.

Aaron set up the laptop and arranged it so a North Korean IT worker could perform the job tasks. Barnhart’s team had digital forensics noting every step of the laptop setup. In June 2025, the FBI announced it had conducted 29 raids across 16 states and seized 21 fraudulent websites that were part of the scheme.

In winter 2026, an investigator colleague texted Barnhart a screenshot showing David and Aaron listed as board members of an American employment company for tech workers. Barnhart’s team has pinpointed a third identity floating around that also goes by “David” but with a different last name.

The person behind all three identities was tied to a single North Korean operative Barnhart and other investigators had been tracking for years.

-based facilitators,” stated Assistant Attorney General John Eisenberg. Eisenberg made this statement in an April sentencing memo. S. companies through the use of false and fake identification documents, and pocketing substantial sums of money for their roles,” according to Eisenberg.

David denied via LinkedIn messages that he ever accepted a laptop on behalf of anyone else and said he was unaware of any employment scheme. David said his identity was stolen and that he has discovered 10 jobs linked to his identity since 2021 when he was 19 years old. David checked his IRS transcripts and noticed tons of W2s dating back to when he was 19 that he never applied for or worked for.

David filled out form 14039 to report identity theft to the IRS and reported it to the FTC. Aaron denied any knowledge of a laptop or North Korean IT worker scheme in an email to Fortune. @FortuneMagazine reported these details, drawing from court records, UN committee findings, and interviews with investigators and participants.