Three men sentenced for providing computer access to foreign workers in potential espionage plot

AUGUSTA, Georgia: Three men have been sentenced in federal court after pleading guilty to their roles in a nationwide scheme that enabled North Korean workers to access U.S.-based computer networks.

Each defendant pleaded guilty to a criminal Information charging them with one count of Wire Fraud Conspiracy, said Margaret E. "Meg" Heap, U.S. Attorney for the Southern District of Georgia.

The defendants were sentenced by U.S. District Court Judge J. Randal Hall. Alexander Paul Travis, 35, of Augusta, was sentenced to 12 months in prison, followed by three years of supervised release, and ordered to forfeit $193,265. Jason Salazar, 30, of Clovis, California, and Audricus Phagnasay, 25, of Fresno, California, were sentenced and ordered to forfeit $409,876 and $681,926, respectively.

"These men practically gave the keys to the online kingdom to likely North Korean overseas technology workers seeking to raise illicit revenue for the North Korean government - all in return for what to them seemed like easy money," said U.S. Attorney Heap. "These schemes present a significant challenge to our national security, and we applaud our investigative partners working to secure our digital borders."

Since 2003, United States and United Nations sanctions cut off North Korea "from the U.S. marketplace and financial systems and restricted the ability of U.S. persons and companies from doing business" with North Korean institutions.

North Korea responded with "a variety of schemes" to evade those sanctions, including "the use of highly skilled information technology (IT) workers to obtain remote, pseudonymous employment with companies around the world, including the United States, using false or stolen identities." The revenues from those schemes contribute to North Korea's weapons programs in violation of U.S. and U.N. sanctions.

Each defendants' guilty pleas describe how they were contacted by overseas IT workers, and each defendant allowed those workers to create resumes in the defendants' names with false information about their experience; to use those false representations and identities to obtain remote employment with U.S. companies; to pass employer vetting procedures, including video interviews, drug testing, and fingerprinting; and, to open bank accounts in the defendants' names to receive payment from the U.S. companies.

In each case, the defendant would receive a laptop computer from the company that hired the fictitious worker, and then would install unauthorized software to enable the overseas IT worker to access the computers remotely while appearing to work from the defendant's address in the United States.

Travis, who was an active-duty member of the United States Army stationed at Fort Gordon at the time, received at least $51,397 for his participation in the scheme. Phagnasay and Salazar earned at least $3,450 and $4,500, respectively. The fraudulent scheme earned approximately $1.28 million in salary payments from the victim U.S. companies, the vast majority of which were sent to the IT workers overseas.

"These defendants facilitated a scheme to deceive U.S. companies into hiring foreign remote IT workers," said FBI Georgia Acting Special Agent in Charge Peter Ellis. "The FBI will continue to work with our partners to expose and mitigate these fraudulent IT schemes and provide support to victims of North Korean cyber actors."

The FBI Augusta (Georgia) Resident Agency is investigating the cases, along with the National Security Division of the U.S. Department of Justice, Assistant U.S. Attorney L. Alexander Hamner for the Southern District of Georgia and Trial Attorney Jacques Singer-Emery of the NSD National Security Cyber Section are prosecuting the cases.