Federal prosecutors in the US have charged an Arizona woman named Christina Chapman with participating in a complex fraud scheme that involved aiding foreign IT workers in posing as Americans, securing jobs at major US companies, and earning $6.8 million in revenue that could potentially benefit North Korea. The scheme affected the identities of 60 Americans and 300 US companies, including a national TV network, a Silicon Valley tech company, and an American car maker. Chapman is accused of running a “laptop farm” from her home, logging into US company-issued laptops on behalf of foreign IT workers to deceive companies into thinking the workers were based in the US, with some of the workers identified as North Korean nationals.
The court documents revealed that thousands of North Korean overseas IT workers are attempting to circumvent sanctions and send money back to Pyongyang. Chapman faces nine charges, including conspiracy to defraud the US and has been arrested, with an initial court appearance scheduled in Arizona. The indictment highlighted how the fraudulent conspiracy had a significant impact on various industries and unknowing individuals in the US. Additionally, the indictment stated that some of the overseas IT workers made attempts to gain employment and access information at different US government agencies, which were ultimately discovered and thwarted by prosecutors.
In a separate case, a Ukrainian man named Oleksandr Didenko was accused of operating several “laptop farms” with computers in various locations across the US. Didenko’s alleged business allowed clients, including overseas IT workers, to use false identities to secure remote work positions. The FBI found numerous computers in Chapman’s residence during a search in October, with records linking three jobs held by North Korean IT workers at US companies to the computers. Didenko is charged with aggravated identity theft and wire fraud but is not in custody in the US at this time.
North Korean IT workers often pose as different nationalities, offer remote work services, and target various sectors such as gaming, IT support, and artificial intelligence. State Department and other agencies have warned about the threat posed by North Korean IT workers, who are closely linked to North Korean hackers and contribute significantly to the regime’s revenue. The US government has been conducting briefings and investigations to identify and disrupt North Korean financial fraud and money laundering activities, with a recent offer of a $5 million reward for information leading to such disruptions.
Experts have highlighted how North Korea weaponizes its tech talent by directing IT workers to secure employment at Western companies, ultimately funding the regime’s nuclear program through diverted paychecks. North Korean IT workers and hackers pose a significant insider threat to major organizations, providing avenues for more advanced cyber threat groups to infiltrate. In some cases, individuals and companies in the US have unwittingly engaged with North Korean workers, leading to potential security breaches and financial implications. The State Department’s “Rewards for Justice” program aims to counter national security threats, with previous successful payouts for information that aided in apprehending terrorists and preventing illicit financial schemes benefiting North Korea.
