Ukrainian National Sentenced to 5 Years in North Korea IT Worker Fraud Case
Ukrainian National Sentenced for Role in North Korea’s IT Worker Scheme
A Ukrainian national, Oleksandr “Alexander” Didenko, has been sentenced to five years in prison for his role in a large-scale scheme to facilitate North Korea’s fraudulent information technology (IT) worker program.
The Scheme
The 29-year-old was convicted of wire fraud conspiracy and aggravated identity theft after stealing the identities of U.S. citizens and selling them to IT workers, who used them to secure jobs at 40 U.S. companies.
The scheme, which began in 2021, involved Didenko operating a website called Upworksell[.]com, where he sold stolen or borrowed identities to overseas IT workers. These workers used the identities to apply for jobs on freelance platforms based in California and Pennsylvania.
To create the illusion that the workers were based in the U.S., Didenko paid individuals in the country to host laptops at their residences in Virginia, Tennessee, and California, which were then used by the workers to remotely access the jobs.
Scope of the Scheme
As part of the scheme, Didenko managed over 871 proxy identities and operated at least three U.S.-based laptop farms. One of the laptops was linked to a farm run by Christina Marie Chapman in Arizona, who was arrested in May 2024 and sentenced to 102 months in prison in July 2025 for her role in the scheme.
Financial Impact
Didenko’s clients, who were based in countries such as China, were paid hundreds of thousands of dollars for their work. To facilitate these payments, Didenko used Money Service Transmitters to access the U.S. financial system, allowing his clients to receive their earnings without having to open a U.S. bank account.
According to U.S. Attorney Jeanine Ferris Pirro, “Defendant Didenko’s scheme funneled money from Americans and U.S. businesses into the coffers of North Korea, a hostile regime.” Pirro emphasized that the scheme not only posed a threat to U.S. businesses but also supported North Korea’s munitions programs.
Evolution of the Scheme
Despite law enforcement efforts to disrupt the scheme, it has continued to evolve, with the IT workers adopting new tactics to evade detection. According to a recent report from threat intelligence firm Security Alliance, the workers have begun applying for remote positions using real accounts of individuals they are impersonating, in an effort to make their applications appear authentic.
Sentence and Restitution
Didenko’s sentence includes 12 months of supervised release and a restitution payment of $46,547.28. He has also agreed to forfeit over $1.4 million, including $181,438 in U.S. dollars and cryptocurrency seized from him and his co-conspirators.
About Author
English