US Resident Sentenced for Leading $17M North Korean IT Worker Fraud Scheme

• DPRK-linked operation: An Arizona resident helped North Koreans pretend to be U.S.-based remote IT workers to trick 300 American companies.
• Charges: She pleaded guilty to conspiracy to commit wire fraud, aggravated identity theft, and money laundering conspiracy.
• Why it matters: It shows the intricate measures taken by adversaries to exploit global business operations for illegal revenue generation.

A U.S. woman has been sentenced to 102 months in prison for allegedly leading a complex IT worker fraud scheme that generated over $17 million in illicit revenue for the Democratic People’s Republic of Korea (DPRK or North Korea). It involved leveraging stolen and falsified identities of American citizens to gain access to remote IT jobs at 309 U.S. companies.

Scheme Details  

Between October 2020 and October 2023, Christina Marie Chapman, a 50-year-old Arizona resident, conspired with North Korean IT workers to trick over 300 U.S. companies into believing they were hiring legitimate American employees, a DoJ report says.

Using 68 stolen and some falsified identities of U.S. citizens, these workers gained access to remote IT jobs, thereby infiltrating the targeted companies. 

Chapman's role included operating a "laptop farm," where 90 devices from U.S. companies were hosted in her home to give the illusion that the workers were locally based.  

Court records reveal that Chapman facilitated false documentation submissions to the Department of Homeland Security, shipped 49 company-provided laptops internationally, and helped launder illicit earnings. 

Champan and her coconspirators defrauded companies that included a top-five major television network, a Silicon Valley technology firm, an aerospace manufacturer, an American car maker, a luxury retail store, and a U.S media and entertainment company, and unsuccessfully tried to compromise two different U.S. government agencies. 

Legal Outcome  

Chapman pleaded guilty to conspiracy to commit wire fraud, aggravated identity theft, and money laundering conspiracy in February 2025.

In addition to a sentence of eight years and six months in prison, she was also ordered to serve three years of supervised release and pay a judgment of $176,850 and forfeit over $284,500 that was to be paid to the North Koreans.

Implications  

The cybercrime prosecution underscores North Korea's persistent efforts to fund its regime through sophisticated schemes targeting U.S. infrastructure. Just this month, US authorities' actions resulted in an arrest and nine indictments in relation to the malicious IT worker scheme that funds North Korea.

“The North Korean regime has generated millions of dollars for its nuclear weapons program by victimizing American citizens, businesses, and financial institutions,” said Federal Bureau of Investigation (FBI) Assistant Director Roman Rozhavsky of the FBI Counterintelligence Division.

“However, even an adversary as sophisticated as the North Korean government can't succeed without the assistance of willing U.S. citizens like Christina Chapman, who was sentenced today for her role in an elaborate scheme to defraud more than 300 American companies by helping North Korean IT workers gain virtual employment and launder the money they earned,” Rozhavsky added.

In April, TechNadu reported on North Korean covert operations expanding to Europe that involved threat actors posing as IT specialists on Upwork, Freelancer, and Telegram.