Minh Phoung Ngoc Vong Participated in a Multi-Year Fraudulent Scheme to Obtain Remote Information Technology Work With U.S. Companies and Government Agencies for Persons Based in China
Minh Phuong Ngoc Vong, 40, of Bowie, Maryland, pleaded guilty today to conspiracy to commit wire fraud in connection with a scheme whereby he conspired with unknown individuals, including John Doe, also known as William James, a foreign national living in Shenyang, China, to defraud U.S. companies into hiring Vong as a remote software developer. After securing these jobs through materially false statements about his education, training, and experience, Vong allowed Doe and others to use his computer access credentials to perform the remote software development work and receive payment for that work.
According to the plea agreement, on Jan. 30, 2023, Doe submitted a fraudulent resume in Vong’s name to a Virginia-based technology company for the position of web application developer, which required U.S. citizenship as a condition of employment. The resume falsely represented that Vong had a Bachelor of Science degree and 16 years of experience as a software developer. In fact, Vong had no college degree or experience in software development.
On March 28, 2023, Vong participated in an online job interview with the CEO of the Virginia-based company and verified his identity and citizenship by showing his Maryland driver’s license and U.S. passport. Following the interview, the Virginia-based company hired Vong and assigned him to work on a contract for the Federal Aviation Administration (FAA) involving a particular software application used by various U.S. government agencies to manage sensitive information regarding national defense matters. The Virginia-based company provided Vong with a laptop to use in connection with his employment, and the FAA authorized Vong to receive a Personal Identity Verification (PIV) card to access government facilities and systems. Vong installed remote access software on the laptop to facilitate Doe’s access to it and conceal his location in China.
Between March 2023 and July 2023, Doe used Vong’s credentials to perform the software development work from his location in China. The Virginia-based company paid Vong more than $28,000 in wages for work performed by Doe, portions of which Vong then sent overseas to Doe and other conspirators.
As part of his guilty plea, Vong admitted that the Virginia-based company was not the only company he and his co-conspirators defrauded. Between 2021 and 2024, Vong used fraudulent misrepresentations to obtain employment with at least 13 different U.S. companies, who collectively paid Vong a total of more than $970,000 in salary for software development services that were, unbeknownst to them, performed by Doe and/or other overseas conspirators. Several of these defrauded companies contracted out Vong’s services to U.S. government agencies in addition to the FAA. As a result of Vong’s fraudulent misrepresentations, these government agencies unknowingly granted Vong’s co-conspirators access to sensitive U.S. government systems, which they accessed from China.
Vong faces a maximum sentence of 20 years in prison. U.S. District Judge Deborah Boardman for the District of Maryland scheduled sentencing for Aug. 28. A federal district court judge will determine any sentence after considering the U.S. Sentencing Guidelines and other statutory factors.
The FBI Baltimore Field Office is investigating the case.
Assistant U.S. Attorney Christina A. Hoffman for the District of Maryland is prosecuting the case with valuable assistance provided by Trial Attorney Alexandra Cooper-Ponte of the National Security Division’s National Security Cyber Section.
Under the Department-wide DPRK RevGen: Domestic Enabler Initiative, launched in March 2024 by the National Security Division and the FBI’s Cyber and Counterintelligence Divisions, Department prosecutors and agents are prioritizing the identification and shuttering of U.S.-based “laptop farms” – locations hosting laptops provided by victim U.S. companies to individuals they believed were legitimate U.S.-based freelance IT workers – and the investigation and prosecution of individuals hosting them. Today’s announcement follows successful actions taken by the Department in October 2023, May 2024, August 2024, December 2024, and January 2025, which targeted similar and related conduct.
Source: U.S. Department of Justice, April 15, 2025