Two Americans from New Jersey have been sentenced for their roles in a remote worker fraud that funneled about $5 million in wages from U.S. companies to North Korea and its weapons of mass destruction programs, according to federal prosecutors.
A federal court in Boston sentenced Wang “Tony” Kejia, 42, to nine years in prison on April 15, and Wang “Danny” Zhenxing, 39, to more than seven years in prison on April 14, according to the U.S. Attorney’s Office for the District of Massachusetts.
The case emerged in the summer of 2025, when 10 people, including Wang Kejia and Wang Zhenxing, as well as six Chinese nationals, were charged in connection with the fraud scheme that ran from 2021 to October 2024.
“For years, the defendants enriched themselves by assisting North Korean actors in a fraudulent scheme to gain employment with U.S. companies,” John A. Eisenberg, assistant attorney general for national security, said in a statement.
“The ruse placed North Korean IT workers on the payrolls of unwitting U.S. companies and in U.S. computer systems, thereby potentially harming our national security.”
Under the scheme, the defendants stole the identities of more than 80 U.S. individuals to obtain remote jobs at more than 100 U.S. companies, including many Fortune 500 companies, according to prosecutors. These companies incurred at least $3 million in legal fees, computer network remediation costs, and other damages as a result of the scheme.
Scheme
In 2021 and 2022, Wang Kejia established two shell companies—Hopana Tech and Tony WJK—at the instruction of an individual identified in the indictment as “Individual C,” a Chinese national who managed an “information technology company” based in North Korea. Wang Kejia listed his New Jersey home address as the principal place of business.
Wang Zhenxing also established a New Jersey-based shell company called Independent Lab, according to the indictment.
The companies, along with associated websites and financial accounts, allowed overseas co-conspirator IT workers to appear affiliated with legitimate U.S. companies when applying for jobs, according to prosecutors.
In 2023, Wang Kejia met with Individual C and other co-sponsors in Dandong and Shenyang, two cities in northern China’s Liaoning Province that border North Korea, according to the indictment.
Wang Kejia eventually became the U.S.-based manager in the fraud scheme, supervising at least five U.S.-based “facilitators” who collectively housed hundreds of computers belonging to U.S. victim companies at their homes, according to prosecutors. Wang Zhenxing was one of the facilitators.
Prosecutors said the facilitators allowed overseas co-conspirator IT workers to remotely access laptops issued by U.S. victim companies by installing remote desktop software or using hardware devices known as keyboard-video-mouse (KVM) switches.
“By operating so-called ‘laptop farms,’ these defendants enabled overseas actors to infiltrate U.S. businesses, access sensitive data and undermine our economic and national security,” Leah B. Foley, U.S. attorney for the District of Massachusetts, said in a statement.
One of the victim companies was a California-based defense contractor. According to the indictment, an overseas co-conspirator posing as a U.S. citizen identified as “Lan Duc N.” secured a full-time remote software engineering position with the company in January 2024. The imposter had the company ship a work-issued laptop to Wang Kejia, who then forwarded it to Wang Zhenxing.
Wang Zhenxing then installed two remote desktop applications on the laptop, allowing another overseas co-conspirator to access the system and download data, including information controlled under the U.S. State Department’s International Traffic in Arms Regulations (ITAR), from the defense contractor’s servers, according to the indictment.
Other victim companies included a California-based software development company, a Massachusetts-based semiconductor distributor, and a Massachusetts-based online media company, according to the indictment.
From January 2024 to April 2024, the defense contractor deposited wages associated with “Lan Duc N.” totaling about $33,757 to an overseas co-conspirator’s account, according to the indictment.
Defendants
Wang Kejia, Wang Zhenxing, and four other U.S. facilitators were paid nearly $700,000 combined for their roles in the scheme, according to the U.S. Attorney’s office.
In October 2024, federal agents raided eight locations across three states to recover more than 70 laptops, according to the U.S. Attorney’s Office.
In June 2025, federal agents seized 17 fraudulent web domains and froze 29 financial accounts holding tens of thousands of dollars.
In September 2025, Wang Kejia pleaded guilty to conspiracy to commit wire fraud, conspiracy to commit money laundering, and conspiracy to commit identity theft.
In January, Wang Zhenxing pleaded guilty to conspiracy to commit mail and wire fraud and conspiracy to commit money laundering.
“The FBI is committed to working with our partners to expose and mitigate these fraudulent IT schemes and provide unwavering support to victims of North Korean cyber actors,” Special Agent in Charge Christopher S. Delzotto said in a statement.
In a sentencing memorandum, prosecutors asked the court to sentence Wang Zhenxing, who was born in China and has lived in the United States since 2008, to eight years in prison.
Wang Zhenxing’s attorneys asked the court to sentence their client to 6 1/2 years in prison, according to a sentencing memorandum.
The Epoch Times contacted lawyers representing Wang Kejia and Wang Zhenxing, but didn’t receive a response by publication time.
Separately, the U.S. State Department’s Reward for Justice program announced a reward of up to $5 million for information on the six Chinese nationals, as well as two Taiwanese individuals indicted last year and a suspected IT worker. Their names are Xu Yongzhe, Huang Jingbin, Tong Yuze, Zhou Baoyu, Yuan Ziyou, Zhou Zhenbang, Liu Mengting, Liu Enchia, and Song Min Kim (also known as Chengmin Jin).
