- Trending
- Comments
- Latest
An Arizona social media influencer has been sentenced to 8.5 years in prison for her central role in a sprawling North Korean IT worker scheme that helped sanctioned operatives pose as U.S.-based tech professionals.
Christina Marie Chapman, who ran a covert “laptop farm” from her home, enabled North Koreans to bypass employment checks and steal remote jobs at over 300 American companies—including a major aerospace firm and TV network.
The operation, which laundered $17 million back to Pyongyang, highlights the regime’s reliance on Western collaborators to fund its nuclear ambitions. “Even an adversary as sophisticated as North Korea can’t succeed without willing U.S. citizens,” said FBI Counterintelligence Assistant Director Roman Rozhavsky in a statement.
Chapman, a freelancer with 100,000 TikTok followers, was recruited via LinkedIn by North Korean operatives. Her role involved:
Hosting devices that masked the workers’ true locations, spoofing U.S. IP addresses.
Facilitating payouts through shell companies and crypto wallets.
Providing fake references to help operatives pass employment checks.
The North Korean IT worker scheme specifically targeted crypto firms, where infiltrators could exploit security gaps. “Planting workers lets them study systems before launching attacks,” a Chainalysis analyst told Decrypt, noting that Pyongyang-linked hackers stole $1.34 billion in crypto in 2024 alone.
The case highlights Pyongyang’s escalating use of digital fraud to evade sanctions. U.S. prosecutors revealed that the North Korean IT worker scheme is part of a broader network deploying thousands of operatives worldwide.
“This isn’t just about money—it’s about embedding spies in critical industries,” warned a Department of Justice official. Recent incidents include:
A UK crypto startup (Cheqd) uncovering a hired “developer” with shifting accents and suspicious tech issues.
North Korean IT workers infiltrating healthcare and defense contractors in Europe.
Chapman, ordered to forfeit $284,000 and pay $176,850 in restitution, becomes the latest U.S. citizen prosecuted for aiding the regime.
Experts stress that the North Korean IT worker scheme exploits the tech industry’s reliance on remote hiring. Crypto platforms, with their high-value assets and porous KYC checks, are especially vulnerable.
“These aren’t random hackers, they’re state-sponsored professionals with resumes,” said a cybersecurity specialist at Mandiant. The FBI now urges companies to:
Verify identities through live technical tests.
Scrutinize freelancers with atypical digital footprints.
As Pyongyang refines its tactics, the Chapman case serves as a stark warning: the North Korean IT worker scheme is evolving—and so must defenses.
The North Korean IT worker scheme funneled $17M to Pyongyang via U.S. remote jobs.
Crypto firms are high-value targets due to weak identity checks.
Chapman’s sentencing highlights growing U.S. crackdowns on sanctions enablers.
Copyright © 2025 - The Bit Gazette.
