Two New Jersey men sentenced in DPRK laptop farm case that infiltrated 100+ U.S. companies
4 min. read 
Published on
Two U.S. nationals have been sentenced to federal prison for helping North Korean remote IT workers pose as U.S.-based hires and land jobs at more than 100 American companies. The Justice Department said the scheme used stolen identities from at least 80 U.S. persons and generated more than $5 million in illicit revenue for the North Korean government.
Kejia Wang, 42, of Edison, New Jersey, received 108 months in prison. Zhenxing Wang, 39, of New Brunswick, New Jersey, received 92 months. The court also ordered both men to serve three years of supervised release, forfeit $600,000, and, in Kejia Wang’s case, pay $29,236.03 in restitution.
Access content across the globe at the highest speed rate.
70% of our readers choose Private Internet Access
70% of our readers choose ExpressVPN
Browse the web from multiple devices with industry-standard security protocols.
Faster dedicated servers for specific actions (currently at summer discounts)
Federal prosecutors said the defendants ran so-called laptop farms that let overseas North Korean workers remotely access company-issued devices from locations inside the United States. That setup helped employers believe they had hired domestic workers, while in reality the work supported DPRK revenue generation tied to its weapons programs.
How the laptop farm scheme worked
According to the Justice Department, the operation ran from about 2021 until October 2024. Prosecutors said the defendants and their co-conspirators used stolen identities to secure remote IT jobs at major U.S. firms, including Fortune 500 companies and a defense contractor. Victim companies later faced at least $3 million in legal fees, network cleanup costs, and other damage.
Kejia Wang acted as the U.S.-based manager, according to prosecutors. The DOJ said he supervised at least five facilitators in the United States who collectively hosted hundreds of corporate laptops at their homes. The department also said he traveled to Shenyang and Dandong, China, in 2023 to meet overseas actors involved in the scheme, including a former classmate he knew was from North Korea.
To make the operation look legitimate, the two men created shell companies and related bank accounts, including Hopana Tech LLC, Tony WKJ LLC, and Independent Lab LLC. Prosecutors said these entities had no real employees or operations and existed only to receive money from victim companies and move it onward to overseas co-conspirators.
Why the case mattered beyond payroll fraud
The DOJ said this was not only a fake employment scheme. It also placed North Korean workers on U.S. corporate systems, which raised clear national security risks. In the Massachusetts case summary, prosecutors said the scheme gave overseas actors access to sensitive company information and, in some cases, export-controlled defense data.
The broader federal warning has stayed consistent for months. In a June 2025 coordinated enforcement action, the Justice Department said North Korean IT worker schemes relied on fake and stolen identities, front companies, fraudulent websites, and laptop farms hosted in the U.S. to obtain remote access to employer systems. The department said those workers sometimes stole sensitive information, including virtual currency and export-controlled military technology.
The FBI and State Department have also tied these operations to North Korea’s sanctions evasion and weapons funding efforts. The FBI’s wanted notices say the Rewards for Justice program offers up to $5 million for information that helps disrupt the financial mechanisms behind DPRK IT worker schemes, including revenue generated through overseas labor and related cyber activity.
Key case details
| Item | Details |
|---|---|
| Defendants | Kejia Wang, 42, and Zhenxing Wang, 39 |
| Sentences | 108 months and 92 months |
| Scheme period | Approximately 2021 to October 2024 |
| Companies affected | More than 100 U.S. companies |
| Stolen identities used | At least 80 U.S. persons |
| Illicit revenue generated | More than $5 million |
| Damage to victim companies | At least $3 million |
| Shell companies named by DOJ | Hopana Tech LLC, Tony WKJ LLC, Independent Lab LLC |
| Forfeiture ordered | $600,000 total |
The DOJ also said federal agents searched eight locations across three states in October 2024 and recovered more than 70 laptops and remote access devices, including KVMs. At the same time, the FBI seized four web domains linked to the shell companies involved in the fraud.
What employers should watch for
- Remote candidates who cannot complete identity checks cleanly
- New hires who insist on unusual laptop routing or U.S.-only device handling
- Payroll and tax records that do not align with candidate identity data
- Contractors tied to shell companies with no real staff or business footprint
- Persistent remote access patterns that suggest proxy devices or laptop farm activity
FAQ
They were Kejia Wang of Edison, New Jersey, and Zhenxing Wang of New Brunswick, New Jersey. The DOJ said both helped North Korean IT workers fraudulently obtain remote jobs at U.S. companies.
Kejia Wang received 108 months in prison. Zhenxing Wang received 92 months. Both also received three years of supervised release.
The Justice Department said the scheme reached more than 100 U.S. companies, including Fortune 500 firms and a defense contractor.
Federal prosecutors said it generated more than $5 million in illicit revenue for the DPRK government.
Read our disclosure page to find out how can you help VPNCentral sustain the editorial team Read more
Improve this guide
User forum
0 messages