Woman gets 8 years for aiding North Koreans infiltrate 300 US firms

Christina Marie Chapman, a 50-year-old woman from Arizona, was sentenced to 102 months in prison after pleading guilty to her involvement in a scheme that enabled North Korean IT workers to infiltrate 309 U.S. companies.

Chapman was charged in May, together with Ukrainian citizen Oleksandr Didenko, with aggravated identity theft, conspiracy to defraud the United States, and conspiracy to commit money laundering, wire fraud, identity fraud, and bank fraud.

Didenko also ran an online platform known as UpWorkSell (which was seized by the DOJ) that provided services allowing North Koreans to use false identities while hunting for remote IT work positions.

Three other foreign nationals, known only by their aliases (Jiho Han, Haoran Xu, and Chunji Jin) and part of the same criminal group, were also charged with conspiracy to commit money laundering.

According to court documents, Chapman hosted the North Korean IT workers’ computers in her own home beteen October 2020 and October 2023, creating a so-called “laptop farm” which was used to make it appear as though the devices were located in the United States.

The North Koreans were hired as remote software and application developers with multiple Fortune 500 companies, including an aerospace and defense company, a major television network, a Silicon Valley technology company, and a high-profile company.

As a result of this scheme, they collected over $17 million in illicit revenue paid for their work, which was shared with Chapman, who processed their paychecks through her financial accounts.

“Chapman operated a ‘laptop farm’ where she received and hosted computers from the U.S. companies her home, so that the companies would believe the workers were in the United States,” the Justice Department said on Thursday.

“Chapman also shipped 49 laptops and other devices supplied by U.S. companies to locations overseas, including multiple shipments to a city in China on the border with North Korea. More than 90 laptops were seized from Chapman’s home following the execution of a search warrant in October 2023.”

On Thursday, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) also sanctioned a North Korean front company and three associated individuals who were linked to fraudulent information technology (IT) worker schemes.

In recent weeks, the Department of Justice disrupted an extensive network of individuals who helped North Korean workers obtain remote jobs at U.S. companies, while the FBI updated its guidance for U.S. businesses.

Previously, the United States released several joint advisories with foreign partners warning of North Korean IT worker schemes and sanctioned multiple organizations involved in North Korea’s IT worker revenue generation schemes.