An American sentenced for helping North Korea infiltrate US tech

If Pyongyang is not yet firing missiles at the United States, believe it, the attack is already underway. But on other fronts. Kim Jong-un’s army advances silently, dressed as developers. Objective: annihilate the enemy from within, keyboard after keyboard. Welcome to the era of North Korean hacking, where lines of code replace front lines.

The fake developer who trapped American tech

Is this a new move by the Lazarus Group? The mystery remains, but the case already chills the blood. Minh Phuong Ngoc Vong, a 40-year-old American citizen, was recently sentenced to 15 months in prison. His crime? Lending his identity to North Korean hackers to infiltrate at least 13 American companies, several contracted with government agencies.

Between 2021 and 2024, Vong impersonated a developer with a fake resume: bogus degree, false experience, and even a claimed secret clearance level. All to allow North Korean agents, including one “William James” based in Shenyang, to work remotely under his cover. Companies, believing they were hiring an American, unknowingly funded hacking operations originating from Asia.

Worse: Vong even secured a contract with the FAA, the Federal Aviation Administration, accessing defense-related systems. One click was enough to open a door to sensitive data.

As Roman Rozhavsky from the FBI Counterintelligence Division sums up:

North Korea remains determined to fund its weapons programs by scamming American companies and exploiting American victims of identity theft, but the FBI is equally determined to disrupt this vast campaign and bring its perpetrators to justice. 

Invisible hackers, very real salaries

North Korean hackers do not just infiltrate. They get paid. Minh Vong received over $970,000 in salaries, passing a large portion to his accomplices. Officially, he was a developer for thirteen companies. Unofficially, he was the face of a network of digital agents.

“Laptop farms” have become a strategic tool: American homes hosting computers provided by companies, remotely controlled by North Koreans. The scheme is simple: an American lends his papers, access, connection. In return, he gets a commission, while the real work is done in Pyongyang or Shenyang.

An investigation revealed that one of the developers who recommended Vong during a virtual interview discovered much later that the person he met was not the same as the one in the ID photos.

As the DOJ points out in a statement:

Doe’s communications show he is likely a North Korean national working to generate revenue for the North Korean government. Accordingly, the court finds the conspirators gained unauthorized access to sensitive government systems.

Meanwhile, Pyongyang discreetly pockets millions of dollars.

Cryptos, AI, digital sabotage: tech under pressure

North Korean hackers don’t stop at sensitive data. They also attack cryptocurrencies. In 2025, more than $2 billion in digital assets were reportedly stolen. Platforms like Upbit and Bybit were targeted, using increasingly sophisticated methods.

The regime now relies on artificial intelligence. Since the 1990s, North Korea has invested in research on voice recognition, data processing, and optimization. Today, reports mention illegal use of Nvidia GPUs to accelerate hacking.

North Korean cybercriminals exploit every technological loophole, also targeting crypto startups. They apply, gain access, and then siphon digital wallets remotely. Global tech becomes their battlefield.

Some chilling numbers:

• More than 13 American tech companies infiltrated by Minh Vong between 2021 and 2024;
• Nearly $970,000 paid for work done by North Korean hackers;
• One individual (Vong) enabled access to defense-related systems;
• In 2025, $2 billion in crypto stolen by North Korea;
• The regime funds its missiles through these covert cyber operations.

The North Korean threat is no longer virtual; it is very real. Infiltrations in tech and attacks on crypto continue to grow. Facing this shadow war, states are tightening ranks. Worldwide, efforts multiply to detect, neutralize, and prosecute North Korean hackers. The keyboard has become a weapon, and the battlefield, global.