Laptop farmers: US jails aides who helped North Korean IT workers

The U.S. Department of Justice (DOJ) announced that two U.S. nationals were sentenced to prison for hosting laptops that enabled North Korean remote IT workers to secure jobs at American companies; DOJ said these were the seventh and eighth sentences secured against U.S.-based “laptop farmers” in the past five months.

Court records name Matthew Issac Knoot of Nashville and Erick Ntekereze Prince of New York as the defendants; both received 18-month prison terms. According to filings, Knoot operated a laptop farm from his residence between approximately July 2022 and August 2023, while Prince was sentenced in the Southern District of Florida after being found to host equipment and facilitate remote access for fraudulently onboarded workers.

Prosecutors and previous cases show the economic dimension of the scheme: an earlier high-profile conviction involved Christina Marie Chapman, who was sentenced in July 2025 to 102 months for operating a laptop farm that prosecutors say generated about $17 million in illicit revenue for the Democratic People’s Republic of Korea (DPRK). Those convictions underscore how payrolls and contractor payments can be diverted to sanctioned actors, raising compliance and financial crime concerns for affected firms.

DOJ and U.S. attorney offices framed the recent sentencings as part of a coordinated effort to disrupt DPRK revenue-generation networks; authorities have publicized multiple actions since January 2025 and point to joint advisories issued in 2022 and 2023 by U.S. agencies warning of proxy hiring and identity-fraud tactics. The legal push is paired with guidance urging employers to strengthen identity verification and remote-access controls.

Market and security analysts expect continued enforcement and evolving attacker tradecraft. Companies may face higher compliance and cybersecurity costs as human-resources screening, remote-access policies and transaction monitoring are tightened. At the same time, closer cooperation between regulators, law enforcement and private cyber firms could reduce enterprise exposure if implemented broadly.