The statements of the American who helped North Korean citizens to engage in IT in the US. The main regrets of the woman

Christine Chapman, the American who has been sentenced to eight years in prison after helping North Korean citizens to engage in IT in the US made the first statements about how she was recruited to facilitate the fraud worth $ 17 million, The Guardian reports.

In March 2020, when the Covid-19 pandemic started, Christina Chapman, a woman living in Arizona, received a message on LinkedIn in which she was proposed to “be the American face” of a company to help IT workers from abroad to achieve a distance job.
For three years, Chapman has intermediates jobs for workers in North Korea at hundreds of American companies, including some of the Fortune 500 top, “a top technological company in Silicon Valley”; and one of the “most popular media and entertainment companies in the world”.
The recruitment was based on cheaters: companies have never suspected that employees would not be American citizens, but to a sanctioned country that had major security risks and risks.
However, Chapman was used by the North Korean government to obtain thousands of well-paid jobs for thousands “high-skilled IT workers”. The plan has been based on identity theft and so-called “laptop farms” meant to trick companies that their employees are working from somewhere in the US.
Fraud has allowed the North Korean government to obtain funds for the development of its nuclear weapons, according to the US Department of Justice and judicial documents.
Chapman's story is quite bizarre: a curious mixture of geopolitics, international crime and tragic circumstances. In a climate of isolation on the background of the pandemic and an economy dominated by project jobs, the ideal conditions for such a fraud were met, especially in an area where much of work is done behind a screen.
“Once the Covid Pandemic has hit and everyone has gone to virtual work, many of the technology employees have not returned to the office,” explained Benjamin Racenberg, senior information manager at Nisos, a cyber security company.
“Companies have quickly oriented, realizing that they can recruit talents. North Koreans and other scammers have realized that they can deceive employment systems. I don't think I made enough, as a community, to prevent this.”
The weak link
However, to carry out these schemes, North Koreans needed facilitators in the United States, as the companies will obviously do not send laptops to North Korea or even China, “said Adam Meyers, head of Crowdstrike attacks, a cyber security company.
“I find someone in search of a job in a temporary contract economy and make them the following attractive proposal:” We are happy to offer you $ 200 for each laptop you manage “,, said Meyers, whose team published reports on the North Korean operation.
Chapman was the ideal vulnerable person: raised in an abusive home, has always oscillated “between poorly paid jobs and unstable housing”, according to the documents submitted by her lawyers. In 2020, she also took care of her mother, who had been diagnosed with renal cancer.
Thus, about six months after LinkedIn's message, Chapman has begun to manage what officials in the field of law enforcement describe as “laptop farms”.
In addition to hosting computers, she helped her on the North Koreans to give themselves as American citizens by validating the stolen identity information; sent laptops abroad; has been connected to computers so that foreign workers can connect from a distance; He received salaries and transferred the money to workers, according to the court documents.
Simultaneously, North Korean citizens have created fictitious characters and online profiles to meet the requirements of remote IT workers. Often, they have obtained jobs through recruitment agencies.
In one case, a “national television and media company in the Top Five”, based in New York, hired a North Korean as a video streaming engineer.
A person who was given as “Daniel B” asked Chapman to attend a Microsoft Teams meeting with the employer so that the accomplices can participate. The indictment does not mention the full names of the victims.
“I just typed the name Daniel,” Chapman told the person in North Korea, according to the judicial records of an online conversation. “If you ask you why you use two devices, it simply says that the laptop microphone does not work properly.”
“Most of the IT accepts this explanation,” Chapman assured.
“I hope you can find other people to complete your Forms I-9 (verification of identity and right of work in the US). These are federal documents. I will send them, but ask someone else to deal with documents. It may be incarcerated in a federal prison for falsification of documents.” He wrote the woman of a group of accomplices, regarding the necessary documents for employment.
Throughout this period, Chapman was also active on social networks. In a video posted in June 2023, she talked about having breakfast in the package because she is extremely busy, and her customers “go crazy”, Wired.
On the filming, behind the woman can be observed shelves with at least one dozen open laptops, on which self -adhesive notes were stuck. In October 2023, federal investigators searched his house and found 90 laptops. In February this year, she pleaded guilty of conspiracy to committing electronic fraud, aggravated identity theft and conspiracy to washing monetary instruments.
In the three years in which Chapman worked with North Koreans, some employees have received hundreds of thousands of dollars from a single company. In total, the scheme has generated $ 17 million for fake employees and the North Korean government.
The scammers also stole the identities of 68 people, on whose behalf they also figured false tax debts, according to the Department of Justice.
How the woman motivated her facts
In a letter addressed to the court before the sentence was pronounced, Chapman thanked the FBI for arresting it, motivating: “I had been trying to get rid of the guys I worked for and I didn't know how to do it.”
“The area where I lived did not offer many work opportunities that correspond to my needs,” Chapman defended. “Those who have been affected send them the most sincere excuses. I am not a person who would like to do harm to someone so it is devastating to me to know that I was part of a company that had the purpose to do harm to people.”
Last week, a district court sentenced Chapman to over eight years in prison, also ordering $ 284,000, which was to be paid to the North Koreans, as well as the payment of $ 176,000.
Chapman and accomplices were not the only ones who committed such fraud. In January, the federal government charged two people from North Korea, a Mexican citizen and two American citizens, in the case of a similar scheme in which North Korean workers obtained at least 64 US companies, generating revenues of at least $ 866,000, according to the Department of Justice.
Racenberg, from the Nisos Security company, said that cyber criminals are expected to use artificial intelligence to “become better” in performing such schemes.
Companies should carry out “open-source research” on the candidates, since the scammers often reuse the contents of public CVs, he explained.
“If you are looking for the first rows of the CV, you may find two more, three CVs exactly the same, at similar companies,” Racenberg added. “This should arouse some alarm signals.”
“During an interview, if there is a background noise that looks like a call center or if the candidate refuses to eliminate a false or unclear background, this could also be a concern,” explained a Crowdstrike expert.
Another way to prevent such fraud would be for companies to ask new employees to come to the office to pick up their laptop, instead of sending them by courier, experts say.




