Arizona woman sentenced to 8.5 years for running North Korean laptop farm

A U.S. District Court judge sentenced an Arizona woman to eight and a half years in prison for running a laptop farm used by North Korea’s government to perpetrate its IT worker scheme. 

Christina Chapman pleaded guilty in February to wire fraud, money laundering and identity theft after the FBI discovered she was an instrumental cog in a wider campaign to get North Koreans hired in six-figure IT roles at prominent companies. 

Prosecutors said Chapman helped the North Korean IT workers obtain jobs at 309 companies, including a major television network, a car maker, a media company, a Silicon Valley technology company and more. Members of the same group unsuccessfully tried to get employed at two different U.S. government agencies. 

After North Korean officials obtained employment using fake identities, work laptops were sent to a home owned by Chapman, where she enabled the workers to connect remotely to the U.S. companies’ IT networks on a daily basis. 

The FBI seized more than 90 laptops from Chapman’s home during an October 2023 raid. In addition to hosting the laptops and installing software that allowed the North Koreans to access them remotely, she also shipped 49 laptops to locations overseas, including multiple shipments to a Chinese city on the North Korean border. 

In total, Chapman’s operation helped generate $17 million for the North Korean government. Security companies and law enforcement have not said how many laptop farms they estimate are scattered across North America and Europe but the DOJ called Chapman’s case “one of the largest North Korean IT worker fraud schemes charged by the Department of Justice.”

Her part of the operation involved 68 stolen identities and she reported millions in income to the IRS under the names of the people who had their identity stolen. 

She forged payroll checks with the fake identities and typically managed the wages received from U.S. companies through direct deposit. She would then transfer the earnings to people overseas. 

District Court Judge Randolph Moss ordered the 50-year-old Chapman to serve a 102-month prison term and three years of supervised release. She will have to forfeit nearly $300,000 that she planned to send to North Korea before her arrest and will pay a fine of more than $175,000. 

Chapman was arrested last May as part of a wider takedown of North Korea’s scheme to have hundreds of their citizens hired at unwitting U.S. companies in IT positions. 

Chapman was initially charged alongside a 27-year-old Ukrainian, Oleksandr Didenko, for helping at least three workers who operated under the aliases Jiho Han, Chunji Jin and Haoran Xu. The three were hired as software and applications developers with companies in a range of sectors and industries.

U.S. State Department officials said the three North Koreans assisted by Chapman and Didenko “are linked to the DPRK’s Munitions Industry Department, which oversees the development of the DPRK’s ballistic missiles, weapons production, and research and development programs.”

Didenko was arrested in Poland last year and the U.S. is seeking his extradition. 

Acting Assistant Attorney General Matthew Galeotti of the Justice Department’s Criminal Division said Chapman was part of a scheme that “stole dozens of identities of American citizens” and expressed hope that the sentence would dissuade others from attempting to run similar laptop farms. 

The FBI and other agencies have been on a nearly three-year hunt for North Korean IT workers and those facilitating the operation. Hundreds of companies have reported hiring North Korean workers after the pandemic forced workplaces to adopt new technology. 

The North Korean government has been able to earn millions through the scheme, using artificial intelligence to assist workers in creating fictitious resumes and faking their way through interviews. 

Most IT roles are done by teams of North Koreans generally located across China, Russia and Southeast Asia. The workers earn high-paying salaries and send it to North Korea’s government, often stealing sensitive data — and sometimes cryptocurrency — if they are ever caught and fired.

“The North Korean regime has generated millions of dollars for its nuclear weapons program by victimizing American citizens, businesses, and financial institutions,” said Assistant Director of the FBI’s Counterintelligence Division Roman Rozhavsky.

The sentencing came on the same day that several U.S. agencies announced multiple actions taken against the North Korean scheme, including sanctions on three senior officials and a $15 million reward for information on the whereabouts of six North Korean leaders.