2026-04-15 21:30:20 UTC / 美国有线电视新闻网(CNN)
作者:肖恩·林加斯
发布时间:2026年4月15日,美国东部时间下午5:30
节点运行失败
这张美国马萨诸塞州地区法院提供的照片显示了一个多成员团队中的朝鲜信息技术工作人员,美国司法部称该团队与朝鲜政府合作,为其政权筹集资金。注:美国马萨诸塞州地区法院提供的图片部分内容已做模糊处理。
美国马萨诸塞州地区法院
美国司法部周三表示,两名美国人因参与一项秘密诈骗计划,骗取美国多家大型企业、并为朝鲜政权赚取500万美元,已被判处多年监禁。
现年39岁的王振兴(英文名“Danny” Wang)和现年42岁的王克佳(英文名“Tony” Wang)均来自新泽西州,他们是这场精心策划阴谋的所谓中间人,该阴谋诱骗《财富》世界500强企业雇佣海外科技人员,这些人员窃取了多名美国人的身份。波士顿的一家联邦法院判处王振兴七年以上监禁,王克佳九年监禁。
该计划的核心是“笔记本电脑农场”——即由美国公司配发的成组电脑——据称王振兴和王克佳在美国境内的家中对这些电脑进行管理。这些笔记本电脑为海外科技人员提供了进入美国大型企业的渠道,使其能够领取薪资,其中一起案件中,他们还从加州一家国防承包商处窃取了受出口管制的数据。
据检察官透露,其他在不知情的情况下向海外科技人员支付薪资的公司包括马萨诸塞州的一家半导体分销商和加州的一家软件开发公司。
美国官员表示,朝鲜正越来越多地利用此类计划绕过制裁,为其核武器项目筹集资金。2024年,检察官以类似罪名起诉了一名亚利桑那州女子,该计划窃取了60名美国人的身份,影响了300家美国企业,其中包括一家“顶级”硅谷科技公司。
据美国官员和私营领域专家称,近年来朝鲜通过黑客攻击加密货币交易所,并利用信息技术人员渗透美国科技公司,窃取了数十亿美元资金。
美国政府一直在努力打击此类计划,并公开和私下警告全美企业注意朝鲜信息技术人员构成的日益演变的威胁。
仍有大量工作有待完成:美国国务院周三悬赏最高500万美元,征集有关其他几名据称为朝鲜政权筹集资金的人员的线索。
CNN已联系为王振兴和王克佳辩护的律师置评。两人此前已承认与该计划相关的指控。
据称,这两名男子在新泽西州成立了空壳公司,虚假声称这些科技人员获得了在美国工作的授权。该阴谋的其他成员据称利用背景调查公司确定他们想要窃取身份的美国公民。据检察官称,至少有80名美国人的身份被窃取。
内部威胁检测公司DTEX Systems的研究员迈克尔·巴恩哈特表示,朝鲜科技人员网络“越来越依赖美国有限责任公司(LLCs)来营造合法雇佣的假象”。
巴恩哈特在接受CNN采访时谈及与王振兴和王克佳相关的这起计划时表示:“通过将美国公民、美国地址和空壳公司相结合,这些 facilitators(协助者)制造出一种合法国内‘用工’的假象,让这些科技人员能够伪装成美国本土人员,在入职或日常工作流程中不会引发怀疑。”
“越来越多的 staffing and recruiting agencies(人员配置和招聘机构)在不知情的情况下助长了这种活动,它们为这些人员提供担保,声称已经完成了背景调查和尽职调查,”巴恩哈特说道。他还警告称,朝鲜信息技术人员已经渗透到分包商中,“以接触到与全球各国政府有合同往来的更大目标”。
Two Americans sentenced to prison for North Korean tech worker scheme
2026-04-15 21:30:20 UTC / CNN
By Sean Lyngaas
PUBLISHED Apr 15, 2026, 5:30 PM ET
节点运行失败
This photo from the US District Court District of Massachusetts shows North Korean information technology workers on a multi-member team that the US Department of Justice says works with the North Korean government to fund its regime. Note: Parts of the image provided by the US District Court District of Massachusetts have been obscured.
US District Court District of Massachusetts
Two Americans have been sentenced to years in prison for their roles in a covert scheme that defrauded major US companies while generating $5 million for the North Korean regime, the Justice Department said Wednesday.
Zhenxing “Danny” Wang, 39, and Kejia “Tony” Wang, 42, both of New Jersey, were alleged middlemen in an elaborate conspiracy that involved tricking Fortune 500 companies to hire overseas tech workers who stole the identities of various Americans. A federal court in Boston sentenced Zhenxing Wang to over seven years in prison and Kejia Wang to nine years in prison.
At the heart of the scheme were “laptop farms” — or clusters of US company-issued computers — that Wang and Wang allegedly managed from their homes in the US. Those laptops gave the overseas tech workers a foothold into major American companies to draw salaries and in one case steal export-controlled data from a California-based defense contractor.
Other companies who unwittingly paid the overseas tech workers include a semiconductor distributor in Massachusetts and a software development firm in California, according to prosecutors.
North Korea is increasingly turning to such schemes to circumvent sanctions and generate revenue for its nuclear weapons program, according to US officials. In 2024, prosecutors charged an Arizona woman in a similar scheme that compromised the identities of 60 Americans and affected 300 US companies, including a “premier” Silicon Valley tech firm.
The North Korean government has stolen billions of dollars in recent years by hacking cryptocurrency exchanges and using IT workers to infiltrate US tech firms, according to US officials and private experts.
The US government has tried to crack down on the schemes while publicly and privately warning companies across the country of the evolving threat from North Korean IT workers.
There’s still plenty of work to do: The State Department on Wednesday offered up to $5 million for information on several other people allegedly involved in generating revenue for the North Korean regime.
CNN has requested comment from attorneys who represented Wang and Wang. The pair previously pleaded guilty to charges related to the scheme.
The two men allegedly set up front companies in New Jersey to falsely claim that the tech workers were authorized to work in the US. Other members of the conspiracy allegedly used background-check firms to identify US persons whose identities they wanted to steal. At least 80 US persons had their identity stolen, according to prosecutors.
Networks of North Korean tech workers “increasingly rely on U.S.-based LLCs to create the appearance of legitimate employment,” said Michael Barnhart, a researcher at insider threat firm DTEX Systems.
“Pairing a US person, a US address, and a front company … the facilitators created the illusion of a legitimate domestic ‘effort’ allowing the IT workers to present themselves as U.S.-based without triggering suspicion during onboarding or daily workflows,” Barnhart told CNN, referring to the scheme connected to Wang and Wang.
“A growing number of staffing and recruiting agencies are unknowingly enabling this activity by vouching for these workers, claiming to have completed background checks and due diligence,” Barnhart said. He also warned that North Korean IT workers have embedded themselves at subcontractors “to reach larger targets” that contract with governments around the world.
发表回复