In a startling case of international cybercrime, a 50-year-old Arizona woman has been sentenced to over eight years in prison for her role in helping North Korean IT workers infiltrate hundreds of U.S. companies.
According to Breitbart, Christina Marie Chapman, 50, was sentenced to 102 months in prison for enabling a sophisticated scheme that allowed North Korean operatives to pose as remote workers and gain access to 309 American businesses between October 2020 and October 2023.
Chapman, an Arizona resident, became entangled in the operation starting in October 2020. Her involvement centered on hosting a so-called "laptop farm" in her home, where she kept computers sent by U.S. companies. This setup was designed to trick employers into believing the North Korean workers were physically located in the United States.
The Justice Department revealed the intricate deception, stating, “Chapman operated a ‘laptop farm’ where she received and hosted computers from the U.S. companies in her home, so that the companies would believe the workers were in the United States.”
These workers, using false identities, secured remote positions as software and application developers. They were employed by major firms, including Fortune 500 companies like an aerospace and defense contractor, a prominent television network, and a leading Silicon Valley tech firm.
Over the three years, the North Korean operatives collected more than $17 million in illicit payments. Chapman played a key role by processing their paychecks through her financial accounts, sharing in the profits. Her actions facilitated the transfer of significant sums of money out of the U.S. economy.
Beyond hosting devices, Chapman also shipped 49 laptops and other equipment provided by U.S. companies to overseas locations. These shipments included multiple deliveries to a city in China near the North Korean border. In October 2023, authorities executed a search warrant at her home, seizing over 90 laptops as evidence of her involvement.
Chapman faced serious charges for her role in the scheme, which spanned from 2020 to 2023. She pleaded guilty to aggravated identity theft, conspiracy to defraud the United States, and multiple counts of fraud and money laundering. Her sentencing to 102 months in prison reflects the severity of the crimes committed against U.S. businesses.
Chapman was not alone in this operation, as she was charged in May alongside Ukrainian citizen Oleksandr Didenko. Didenko operated an online platform called UpWorkSell, which helped North Korean workers secure remote IT jobs using fabricated identities.
Additionally, three other foreign nationals, identified by aliases Jiho Han, Haoran Xu, and Chunji Jin, were charged with conspiracy to commit money laundering in connection with the same group.
The U.S. government has taken significant steps to combat these fraudulent IT worker schemes. The Department of the Treasury’s Office of Foreign Assets Control sanctioned a North Korean front company and three related individuals tied to such operations. In recent weeks, the Department of Justice has also disrupted a wide network of individuals assisting North Korean workers in obtaining remote positions at American firms.
To prevent future incidents, the FBI has updated its guidance for U.S. companies. This comes as a response to the growing threat of foreign operatives using remote work as a means to infiltrate businesses. Companies are urged to strengthen verification processes for remote employees to avoid falling victim to similar schemes.
The scale of this operation, affecting 309 companies, underscores the vulnerabilities in remote hiring practices. Major firms, including a high-profile company and a television network, were deceived by the false identities of these workers. The incident has raised concerns about the potential for sensitive data breaches within critical industries.
This case highlights the evolving nature of cybercrime and the sophisticated methods used by foreign entities. Chapman’s sentencing serves as a warning to others who might consider participating in such deceptive practices. The U.S. government remains committed to pursuing and dismantling networks that threaten national and economic security.