The Arizona Tiktok influencer has been sentenced to a lengthy sentence to help North Korean operatives get far-reaching IT jobs in hundreds of US companies, part of a sophisticated scheme that funds the country’s approved arms program.
Christina Marie Chapman was convicted in the District of Columbia for conspiracy to wire fraud, worsening identity theft and money laundering conspiracy.
She was sentenced to 8.5 years of supervised release in prison, forfeiting more than $284,000 and ordered to repay $176,850.
“The North Korean administration has generated millions of dollars for its nuclear weapons programme by sacrificing American citizens, businesses and financial institutions,” said Roman Rozhabsky, the FBI’s anti-intellectual assistant director. statement.
“Even an enemy as sophisticated as the North Korean government cannot succeed without the support of aspiring American citizens like Christina Chapman.”
This incident is another example of North Korea’s secret attempts to break into foreign companies, particularly in the technology and crypto sector. US authorities say Pyongyang has used false identities to secure remote work, deploying thousands of skilled IT workers around the world to either return to power or enable hackers to attack businesses.
In particular, cryptographic platforms have emerged as a frequent target as they are a way for planting workers to spot security weaknesses and attack company crypto wallets. According to chain analysis, North Korea-related hackers stole $1.34 billion in ciphers in 2024 alone, up 21% year-on-year.
Freelancer and influencer Chapman had over 100,000 followers in Tiktok, but was initially approached by North Korean operatives via LinkedIn.
From around 2020, she supported North Korea’s efforts by running a “laptop farm” from her home, hosting computers sent by businesses to allow IT workers to access remotely while they appear to be in the US
Authorities say she has shipped 49 devices to locations overseas, including multiple plots to Chinese cities near North Korea. More than 90 laptops have been seized from her home.
Using stolen or borrowed identities, North Korean operatives won millions, with wages sent via direct deposits or counterfeit pay checks. Chapman helped wash the money through his account and sent it abroad. Income was incorrectly reported in the names of substantial US citizens of the IRS and Social Security Administration.
Over the years, she helped North Korean workers secure employment in more than 300 US companies, including Fortune 500 companies, leading television networks, aerospace manufacturers and Silicon Valley Tech companies.
Three North Koreans charged with Chapman remain large.
North Korean operatives use various deception techniques to obscure their origins, such as VPNs, posing as people from other countries, employment Others will be before the first job interview.
Fraser Edwards, CEO and founder of UK-based company Cheqd, Decryption The company has experienced several penetration attempts and noticed several red flags pointing to North Korea’s involvement.
“Our CTO went back and saw some of the recordings (of interview tests). As we moved between the windows there was a Korean character there,” Edwards said.
“Another red flag was that IP addresses would always route through a proxy. They were intentionally trying to hide their identity the whole time.”
Edwards and others say North Koreans are currently using European actors to handle early stage interviews and screening calls, making detection even more difficult. Even when they’re caught, they often pivot immediately to new fake identities and job postings.
Discover more from Earlybirds Invest
Subscribe to get the latest posts sent to your email.
