Minh Phuong Ngoc Vong, 40, of Bowie, Maryland, was sentenced to 15 months in prison followed by three years of supervised release for his role in a fraudulent scheme that assisted foreign information technology workers posing as U.S. citizens with obtaining remote IT positions at over a dozen U.S. companies.
According to court documents, Vong conspired with others, including John Doe, aka William James, a foreign national living in Shenyang, China, to defraud U.S. companies into hiring Vong as a remote software developer. After securing these jobs through materially false statements about his education, training, and experience, Vong allowed Doe and others to use his computer access credentials to perform the remote software development work and receive payment for that work.
Vong reportedly knew that Doe was located next to North Korea. Additionally, Doe’s communications indicate that he is likely a North Korean national who was working to generate revenue for the North Korean government.
According to the plea agreement, on Jan. 30, 2023, Doe submitted a fraudulent resume in Vong’s name to a Virginia-based technology company for a web application developer position that required U.S. citizenship as a condition of employment. The resume falsely represented that Vong possessed a Bachelor of Science degree and 16 years of experience as a software developer. In fact, Vong did not have a college degree or experience in software development.
On March 28, 2023, Vong participated in an online job interview with the CEO of a Virginia-based company. Vong verified his identity and citizenship by showing his Maryland driver’s license and U.S. Passport. Following the interview, the Virginia-based company hired Vong and assigned him to work on a contract for the Federal Aviation Administration (FAA) involving a particular software application used by various U.S. government agencies to manage sensitive information regarding national defense matters. The Virginia-based company provided Vong with a laptop to use in connection with his employment and the FAA authorized Vong to receive a Personal Identity Verification card to access government facilities and systems. Vong installed remote access software on the laptop to facilitate Doe’s access to it and conceal his location in China.
Recommended
Between March 2023 and July 2023, Doe used Vong’s credentials to perform the software development work from his location in China. The Virginia-based company paid Vong more than $28,000 in wages for work he performed, portions of which Vong then sent overseas to Doe and other conspirators.
As part of his guilty plea, Vong admitted that the Virginia-based company was not the only company he and his co-conspirators defrauded. Between 2021 and 2024, Vong used fraudulent misrepresentations to obtain employment with at least 13 different U.S. companies, who collectively paid Vong more than $970,000 in salary for software development services that were, unbeknownst to them, performed by Doe or other overseas conspirators. Several of these defrauded companies contracted out Vong’s services to U.S. government agencies in addition to the FAA. As a result of Vong’s fraudulent misrepresentations, these government agencies unknowingly granted Vong’s co-conspirators access to sensitive U.S. government systems, which they accessed from China.
The FBI Baltimore Field Office investigated the case.
Assistant U.S. Attorney Christina A. Hoffman for the District of Maryland prosecuted the case with valuable assistance from the National Security Division’s National Security Cyber Section.
Under the Department-wide DPRK RevGen: Domestic Enabler Initiative, launched in March 2024 by the National Security Division and the FBI’s Cyber and Counterintelligence Divisions, Department prosecutors and agents are prioritizing the identification and shuttering of U.S.-based “laptop farms” – locations hosting laptops provided by victim U.S. companies to individuals they believed were legitimate U.S.-based freelance IT workers – and the investigation and prosecution of individuals hosting them. The Department previously announced other actions pursuant to the initiative, including in January and June 2025
Editor’s Note: Do you enjoy Townhall’s conservative reporting that takes on the radical left and woke media? Support our work so that we can continue to bring you the truth.
Join Townhall VIP and use the promo code FIGHT to get 60% off your VIP membership!
Join the conversation as a VIP Member