9 indicted in Boston in connection with $5M raised for North Korean weapons

Nine people were indicted in Boston in connection with a scheme that raised $5 million to go towards North Korea and its weapons of mass destruction (WMD) program, United States Attorney Leah Foley’s office said Monday.

Jing Bin Huang, Baoyu Zhou, Tong Yuze, Yongzhe Xu, Ziyou Yuan, Zhenbang Zhou, all of China; Zhenxing “Danny” Wang, of New Jersey; Mengting Liu and Enchia Liu of Taiwan were indicted Foley’s office said in a statement. Zhenxing Wang was arrested in New Jersey earlier on Monday and will appear in federal court in Boston at a later date.

The indictments follow a multi-year investigation by federal law enforcement agencies and as part of the Department of Justice’s initiative “DPRK [Democratic People’s Republic of Korea]: Domestic Enabler,” Foley’s office said. The initiative looks into disrupting operations that target North Korea’s “illicit revenue generation efforts through remote IT workers, and the U.S.-based individuals who enable them.

North Korea’s government “has dispatched thousands of skilled IT workers around the world, who stole identities of U.S. persons and posed as domestic workers to obtain remote IT jobs with U.S. companies and generate revenue for DPRK weapons of mass destruction WMD programs,” Foley’s office said.

Those indicted in connection with the scheme retrieved sensitive employer data and source code, including International Traffic in Arms Regulations data from a California-based defense contractor developing AI-powered equipment and technologies, she continued.

Between 2021 and October 2024, those indicted in connection with the scheme transmitted fake and misleading information to dozens of U.S. companies, financial institutions and government agencies, Foley’s statement read. This included the Department of Homeland Security, the Internal Revenue Service and the Social Security Administration.

In doing so, the suspects and their co-conspirators compromised the identities of over 80 U.S. citizens; fraudulently obtained remote jobs to over 100 American companies, including several Fortune 500 companies and a defense contractor; accessed internal information from these companies; generated $5 million in revenue for overseas IT workers and caused legal fees, computer network remediation costs and other damages and losses of at least $3 million.

Zhenxing Wang and Kejia Wang assisted the overseas IT workers into the sc heme, along with four other identified U.S. facilitators not named, Foley’s office said. After they received laptops for the workers, they facilitated remote access to the computers without authorization from American companies.

“These facilitators also allegedly established accounts at U.S. financial institutions and online money transfer services to receive money from victimized U.S. companies, much of which was subsequently transferred to overseas co-conspirators,” Foley’s office said..” In exchange for their services, it is alleged that Kejia Wang, Zhenxing Wang, and the other U.S. facilitators collected at least $696,000 in fees.”

In October 2024, seven locations in New York, New Jersey and California were searched and interviews at “laptop farms” were conducted, which led to the recovery of over 70 victim company devices, the statement read. As well, 21 fraudulent web domains used to facilitate North Korean IT work have been seized, and 29 financial accounts, holding tens of thousands of dollars in funds, used to launder revenue for North Korea’s government through remote IT work.

“The threat posed by DPRK operatives is both real and immediate,” Foley said in her statement. “Thousands of North Korean cyber operatives have been trained and deployed by the regime to blend into the global digital workforce and systematically target U.S. companies. We will continue to work relentlessly to protect U.S. businesses and ensure they are not inadvertently fueling the DPRK’s unlawful and dangerous ambitions.”

The charges of conspiracy to commit mail and wire fraud, conspiracy to commit money laundering and conspiracy to violate the International Emergency Economic Powers Act (IEEPA) each provide for a sentence of up to 20 years in prison, three years of supervised release and a fine of $250,000. The charge of conspiracy to cause damage to a protected computer provides for a sentence of up to 15 years in prison, three years of supervised release and a $250,000 fine. The charge of conspiracy to commit identity theft provides for a sentence of up to five years in prison, three years of supervised release and a $250,000 fine.