Christina Chapman, a 50-year-old
Arizona resident
, has been sentenced to 8.5 years in federal prison for her role in a sweeping North Korean fraud operation that exploited remote-work jobs in the U.S. to funnel millions to the regime. U.S. District Judge Randolph D. Moss also ordered Chapman to forfeit $284,000 in illicit proceeds earmarked for North Korean operatives, and to pay $176,850—the amount she personally profited from the scheme.
Federal prosecutors called the case one of the largest remote work conspiracies ever charged by the Department of Justice.
According to court filings,
Chapman helped North Korean IT workers
pose as U.S.-based tech professionals to secure remote jobs at American companies. She hid their true identities by installing remote-access software on laptops, filling out identity documents, and storing and managing the computers from her home. Investigators described her setup as a “laptop farm,” with each device labeled by the company it was tied to and the stolen identity it was using. During a 2023 raid, photos revealed dozens of machines linked to the operation.
The scheme targeted 309 U.S. companies, defrauding them of approximately $17.1 million in wages, all of which were funneled back to North Korea. Nearly 70 Americans had their identities stolen as part of the elaborate plot.
“North Korea is not just a distant threat—it is operating from within our own systems,” U.S. Attorney Jeanine Pirro said in a statement. “If this can happen at Fortune 500 companies and major banks, it can happen anywhere. Businesses need to take employee verification seriously—we are the first line of defense against these threats.”
Pirro also revealed that Nike was among the companies duped, paying $70,000 to a North Korean operative posing as a U.S. citizen.
Acting Assistant Attorney
General Matthew Galeotti emphasized
Chapman’s importance in enabling the fraud. “Her role as a U.S.-based facilitator was essential to North Korea’s ability to defraud American businesses and steal U.S. citizens’ identities,” he said. “This case underscores the unique threat North Korea poses in the remote work era.”
Authorities warned that a lighter sentence would have sent the wrong message to both North Korean cybercriminals and any potential American accomplices. Cybersecurity experts echoed that concern, noting that the verdict sets a precedent for dealing with Americans who aid foreign adversaries using artificial intelligence and identity theft.
“This prosecution aims to draw a line,” said Andrew Borene, executive director at Flashpoint threat intelligence. “It’s a message to Pyongyang and a deterrent to future U.S. collaborators.”
Chapman’s sentencing sheds light on the larger operation run by the Democratic People’s Republic of Korea (DPRK), which has exploited remote work loopholes since financial sanctions were imposed in 2016. Cut off from the U.S. banking system and banned from legal employment, the regime turned to cybercrime. Workers trained in IT and AI are deployed to China, Russia, Nigeria, and the UAE to manage stolen or fake identities and apply for remote jobs with U.S. companies. Their salaries, often in the six-figure range, are funneled back to North Korea—where UN investigators believe the funds help finance Kim Jong Un’s nuclear weapons program.
UN estimates place the annual
earnings
from the scheme between $250 million and $600 million.
For many American victims, the damage has been lasting. Stolen identities resulted in fake tax liabilities, government scrutiny, and in some cases, denial of unemployment benefits. One individual was flagged by the IRS because a North Korean operative used their Social Security number.
Chapman’s involvement went beyond passive assistance—she physically shipped laptops overseas and communicated with operatives in China, Pakistan, the UAE, and Nigeria. However, not all Americans caught up in the scheme were knowingly complicit. A defector from North Korea, speaking to
Fortune
under the pseudonym “Kim Ji-min,” said many Americans involved “had no idea” they were working with North Koreans, as the operatives concealed their identities entirely.
FBI Assistant Director Roman Rozhavsky said
Chapman’s
sentencing proves that domestic enablers of foreign cyber operations will be held accountable.
“Even a government as sophisticated as North Korea can’t execute this type of fraud without help from people like Christina Chapman,” Rozhavsky said. “The FBI and our partners will continue to defend American institutions from adversaries—and from those who choose to help them.”
