Christina Marie Chapman, a 50-year-old Arizona resident, has been sentenced to 102 months in federal prison for her central role in a sophisticated international scheme to aid North Korean IT workers. The operation successfully infiltrated 309 American companies, including several Fortune 500 corporations, by placing these operatives in remote IT positions using the stolen identities of U.S. citizens. Chapman pleaded guilty to a wide range of charges, including conspiracy to defraud the United States, wire fraud, and aggravated identity theft, bringing a partial conclusion to what the Department of Justice has called the largest-ever case of its kind.
The elaborate conspiracy, which ran from October 2020 to October 2023, was orchestrated by the North Korean government to generate revenue, which intelligence experts believe was intended to finance the nation’s illicit weapons programs. The state-sponsored workers, armed with stolen or falsified American identities, applied for remote IT jobs across numerous sectors. Their targets were extensive and included a top-five major television network, a Silicon Valley technology company, an aerospace manufacturer, and an American car maker. The scheme was so audacious that operatives also unsuccessfully attempted to gain employment at two different U.S. government agencies.
Chapman’s specific role was to provide the critical domestic infrastructure that made the scheme plausible.
From her home in Litchfield Park, Arizona, she operated a “laptop farm,” where she received and hosted laptops from the U.S. companies that had “hired” the fake employees. By connecting these devices to her home internet, she made it appear that the North Korean workers were legitimately based in the United States. Chapman also received and forwarded 49 devices to overseas locations and had over 90 laptops seized from her home during the investigation.
The financial scale of the operation was staggering, with Chapman helping to generate over $17.1 million through the fraudulent employment scheme. She actively participated in laundering the wages by using stolen identities to report fake income and cash forged checks, funneling the illicit proceeds to her overseas co-conspirators. The broader network included individuals like Ukrainian national Oleksandr Didenko, who was arrested in Poland. Didenko allegedly ran a service that created and sold fake accounts on freelance job platforms, managing approximately 871 proxy identities and processing nearly a million dollars to facilitate the network.
The sentencing of Christina Chapman marks a significant victory for U.S. authorities in combating state-sponsored cybercrime and fraud.
The case, which came to light after a May 2024 FBI advisory, underscores the persistent threat posed by North Korean IT operatives and the complex methods they use to bypass sanctions and fund their regime. The charges against Chapman and her co-conspirators highlight the elaborate web of identity theft, proxy computers, and international money laundering required to sustain such a massive fraudulent enterprise.
Reference:
