Latest news with #ChristinaMarieChapman
Epoch Times
5 days ago
- Epoch Times
Arizona Woman Gets 8 Years in Prison for Running ‘Laptop Farm' for North Koreans
WASHINGTON—A woman from Arizona has been sentenced to eight years in federal prison for helping North Korean technology workers steal the identities of U.S. citizens to obtain employment in the country. Christina Marie Chapman, aged 50, was a resident of Litchfield Park in Arizona—a suburb of Phoenix—who created a 'laptop farm' at her home, where she would receive computers shipped by U.S. corporations allegedly to their 'virtual employees' and operate them with U.S.-based IP addresses.
Forbes
5 days ago
- Business
- Forbes
Arizona Woman Will Go To Jail For Multi-Million Dollar Fraud Scheme Connected To North Korea
The scheme generated more than $17 million in illicit revenue. getty An Arizona woman has been sentenced to 102 months—that's eight and a half years—for her role in a scheme involving North Korean information technology (IT) workers who infiltrated and defrauded 309 U.S. businesses and two international businesses. Following her arrest last year, prosecutors called it the largest case ever charged involving this type of scheme. The scheme generated more than $17 million in illicit revenue for Chapman and for the Democratic People's Republic of Korea (DPRK or North Korea). Christina Marie Chapman, a resident of Litchfield Park, Arizona, pleaded guilty on February 11 to conspiracy to commit wire fraud, aggravated identity theft, and conspiracy to launder monetary instruments. In addition to her prison term, U.S. District Court Judge Randolph D. Moss ordered Chapman to serve three years of supervised release, to forfeit $284,555.92 that was to be paid to the North Koreans, and to pay a judgment of $176,850. According to court documents filed following her arrest, the scheme worked like this: North Korea sent thousands of skilled IT workers around the world with stolen or borrowed identities to infiltrate U.S. companies' networks, and raise money to contribute to the North Korean weapons program in violation of U.S. and U.N. sanctions. The scheme involved defrauding more than 300 U.S. companies, including many well-known large companies, using U.S. payment platforms and online job site accounts, as well as proxy computers located in the U.S. and U.S. persons and entities (some of which were unaware that they were helping to commit fraud). Prosecutors claim the scheme began early in 2020, when a group of overseas IT workers began providing remote services to U.S. companies. To get the jobs, the workers stole the identities of U.S. nationals and applied for remote jobs in the U.S. Once they had obtained jobs in the U.S.—sometimes through the use of staffing companies—they were able to access the internal systems of U.S. companies. Not only did they steal data and money, they were paid millions of dollars for their work, and falsely reported that information to the IRS. Chapman was arrested in Litchfield Park, Arizona, alongside her co-conspirators (referred to in the indictment as John Does 1-3, using the aliases Jiho Han, Haoran Xu, and Chunji Jin). Chapman was initially accused of assisting the IT workers in validating stolen identity information so that they could pose as U.S. citizens. The overseas IT workers gained employment at U.S. companies, including a top-five major television network, a Silicon Valley technology company, an aerospace manufacturer, an American car manufacturer, a luxury retail store, and a U.S.-hallmark media and entertainment company (referred to in the indictment as 'one of the most recognizable media and entertainment companies in the world'), all of which were Fortune 500 companies. Prosecutors say the overseas IT workers also exfiltrated (a fancy tech word for stole) data from at least two U.S. companies, including a multinational restaurant chain and an American clothing brand. (The overseas IT workers also attempted to gain employment and access to information at two different U.S. government agencies on three other occasions, although these efforts were generally unsuccessful.) The FBI also executed search warrants for U.S.-based 'laptop farms.' Laptop farms are residences that host laptops for overseas IT workers, so the IT workers appear to be operating inside the U.S. Chapman also shipped 49 laptops and other devices supplied by U.S. companies to locations overseas, including multiple shipments to a city in China on the border with North Korea. More than 90 laptops were seized from Chapman's home following the execution of a search warrant in October 2023. Prosecutors say the laptops included notes identifying the U.S. company and the identity associated with each laptop. Prosecutors allege that Chapman received and forged payroll checks, as well as received direct deposits of the overseas IT workers' wages from U.S. companies into her U.S. financial accounts. She then transferred the proceeds from the scheme to individuals overseas. Much the income generated by the scheme was reported to the IRS and Social Security Administration in the names of actual U.S. individuals whose identities had been stolen or borrowed. 'Using the stolen identities of U.S. citizens is a crime by itself, but when you use those identities to procure employment for foreign nationals with ties to North Korea at hundreds of U.S. companies, you have compromised the national security of an entire nation,' said Chief Guy Ficco of IRS-CI said following Chapman's arrest. 'For more than 100 years, IRS Criminal Investigation special agents have been following the money, and their financial expertise has once again stopped criminals in their tracks.' Prosecutors claim that Chapman was initially approached to participate in the scheme on LinkedIn, where she was asked to be the 'U.S. face' of a company. (Her LinkedIn page appears to have been taken down.) Chapman was charged with conspiracy to defraud the United States, conspiracy to commit wire fraud, conspiracy to commit bank fraud, aggravated identity theft, conspiracy to commit identity fraud, conspiracy to launder monetary instruments, operating as an unlicensed money-transmitting business, and unlawful employment of aliens. The John Does are charged with conspiracy to commit money laundering. Before her plea, Chapman faced a maximum penalty of 97.5 years in prison, including a mandatory minimum of two years on the aggravated identity theft count. Oleksandr Didenko A criminal complaint was also unsealed last year, charging Oleksandr Didenko, of Kyiv, Ukraine, with a separate scheme to create fake accounts at U.S. IT job search platforms and with U.S.-based money service transmitters. According to the criminal complaint, Didenko operated a website, which purported to provide services to remote IT workers. According to the affidavit supporting the complaint provided by the Special Agent with the FBI, who reviewed the website, the site advertised the ability for remote IT workers to buy or rent accounts in the name of identities other than their own. The site also advertised 'Credit Card Rental' in the European Union and the U.S., as well as SIM card rental for cell phones. Customers sent money to be loaded onto the card, and Didenko provided the card information to the customer after deducting a fee. (The domain was seized by the DOJ under a court order, and all traffic was initially diverted to the FBI. The URL is currently for sale.) According to the affidavit supporting the complaint, Didenko managed as many as approximately 871 'proxy' identities, provided proxy accounts for three freelance U.S. IT hiring platforms, and provided proxy accounts for three different U.S.-based money service transmitters. In coordination with his co-conspirators, Didenko is alleged to have facilitated the operation of at least three U.S.-based laptop farms, at one point hosting approximately 79 computers. Prosecutors alleged that Didenko acknowledged in messages that he believed he was assisting North Korean IT workers. Additionally, in November 2023, a U.S. cybersecurity firm discovered documents on an online storage platform related to North Korean IT workers' attempts to obtain remote employment. According to court documents, the firm assessed these documents with 'high confidence' as being attributable to an espionage group tied to North Korea. The documents included guides and tips on securing employment, writing a cover letter, building a resume, sample resumes of purported IT workers, and interview scripts. Several documents related to online job postings seeking employees that North Korean IT workers secured were found, including jobs with U.S. employers that were later tied through business records to the computers found in Chapman's residence (prosecutors allege that Didenko and Chapman's activities were connected). Prosecutors claimed that one of Didenko's overseas IT worker customers also requested that a laptop be sent from one of Didenko's U.S. laptop farms to Chapman's laptop farm, showing the interconnectivity of these cells within the North Korean overseas IT worker network. Search warrants were issued for four U.S. residences associated with laptop farms controlled by Didenko in the Southern District of California, the Eastern District of Tennessee, and the Eastern District of Virginia. Polish authorities arrested Didenko on May 6, 2024, at the request of the U.S., which sought his extradition from Poland. Didenko's arrest in the U.S. was logged in December of 2024, and the following month, Didenko pleaded not guilty. Didenko's attorney, Christopher Michael Davis of Davis and Davis, did not comment on the case beyond advising that Didenko has a status hearing in September. (Court documents indicate that Didenko does not speak or read English, and a Ukrainian translator is required to translate any plea agreement. The interpreter counsel has been using is out of the country through mid-August.) Other Co-Conspirators Last year, the U.S. Department of State announced a reward of up to $5 million for information related to Chapman's co-conspirators. The DOJ encourages anyone with information on Jiho Han, Haoran Xu, Chunji Jin, Zhonghua, associated individuals or entities, or their revenue-generating and money laundering activities to contact the Rewards for Justice office. That reward remains posted. Government Reaction 'The North Korean regime has generated millions of dollars for its nuclear weapons program by victimizing American citizens, businesses, and financial institutions,' said Assistant Director Rozhavsky of the FBI's Counterintelligence Division. 'However, even an adversary as sophisticated as the North Korean government can't succeed without the assistance of willing U.S. citizens like Christina Chapman, who was sentenced today for her role in an elaborate scheme to defraud more than 300 American companies by helping North Korean IT workers gain virtual employment and launder the money they earned. Today's sentencing demonstrates that the FBI will work tirelessly with our partners to defend the homeland and hold those accountable who aid our adversaries.' 'Today's sentencing brings justice to the victims whose identities were stolen for this international fraud scheme,' said Special Agent in Charge Carissa Messick of the IRS Criminal Investigation (IRS-CI) Phoenix Field Office. 'The scheme was elaborate. If this sentencing proves anything, it's that no amount of obfuscation will prevent IRS-CI and our law enforcement partners from tracking down those that wish to steal the identities of U.S. nationals, launder money, or engage in criminality that jeopardizes national security.' Alerts This month, FBI Phoenix issued guidance for HR professionals on detecting North Korean IT workers, and the Department of State issued guidance on the North Korean IT worker threat. Prior guidance was issued in 2022—it was an advisory to alert the international community, private sector, and public about the North Korean IT worker threat. The 16-page guide provided detailed information on how North Korean IT workers operate, red flag indicators for companies hiring freelance developers and for freelance and payment platforms to identify those workers; and general mitigation measures for companies to better protect against inadvertently hiring or facilitating the operations of such workers. The United States and the Republic of Korea (South Korea) issued updated guidance in October 2023, which included new indicators to watch for that are consistent with North Korean IT worker fraud and additional due diligence measures the international community, private sector, and public can take to prevent the hiring of North Korean IT workers. The FBI issued additional guidance in May 2024 regarding the use of U.S. persons acting as facilitators by providing a U.S.-based location for U.S. companies to send devices and a U.S.-based internet connection for access to U.S. company networks. More recently, the FBI issued guidance in January 2025 concerning the extortion and theft of sensitive company data by North Korean IT workers, along with recommended actions. The FBI encourages U.S. companies to report suspicious activities, including any suspected North Korean IT worker activities, to local field offices. Forbes Massive North Korean Fraud Planted Tech Workers, Hit 300 U.S. Companies By Kelly Phillips Erb Forbes 15 Tips To Help You Protect Yourself From Identity Theft And Related Tax Fraud By Kelly Phillips Erb
Daily Mail
6 days ago
- Daily Mail
Unassuming Arizona woman, 50, imprisoned over secret scheme to help KIM JONG UN
A suburban Arizona woman has been sentenced to more than eight years in prison for helping North Koreans earn millions for the regime's nuclear weapons program by infiltrating US companies posing as American citizens, authorities said. Christina Marie Chapman, 50, has been ordered to serve eight-and-a-half years in prison plus three years of supervised release and pay hefty fines for her role in the international scheme, according to the Justice Department. Chapman ran a 'laptop farm' from her home in Litchfield Park outside Phoenix, where she helped North Korean workers with stolen identities work remotely at US-based companies. 'The case involved one of the largest North Korean IT worker fraud schemes charged by the Department of Justice, with 68 identities stolen from victims in the United States and 309 US businesses and two international businesses defrauded,' the Justice Department said. The companies included Fortune 500 companies, a top five television network, a Silicon Valley technology company, an aerospace manufacturer, a car maker, a luxury retail store, and a media and entertainment company. The Justice Department noted that the scheme attempted to infiltrate at least two government agencies, but was unsuccessful. It generated more than $17 million for Chapman and the Democratic People's Republic of Korea. Prosecutors said Chapman became involved around October 2020 and helped North Korean workers secure American jobs for about three years. She helped validate stolen identification information from US nationals so the North Korean workers could pose as Americans. Chapman turned her home into a 'laptop farm,' where she received computers issued by the companies so that they believed the workers were living in the US. She sent other laptops to foreign nationals overseas, including several shipments to a Chinese city on the border with North Korea. She would log on from her home while the overseas employees patched in remotely. Chapman listed her home address for the workers' paychecks, deposited them into her bank account and then transferred the funds to North Korea, keeping a cut of the pay for herself. She forged the signatures of the beneficiaries, sent false information to the Department of Homeland Security over 100 times, and created false tax liabilities for over 35 Americans. Chapman's involvement was part of a larger operation North Korean IT workers to infiltrate American companies. in May 2024, charges were brought against three unidentified foreign nationals and a Ukrainian man for creating fake accounts on US IT job search platforms. Oleksandr Didenko, 27, carried out the scheme from Kyiv for years. He sold the fake accounts to overseas IT workers, who then used the identities to apply for remote work based in the US. 'Several U.S. persons had their identities used by IT workers related to Didenko's cell, and evidence in the complaint showed that the overseas IT workers using Didenko's services were also working with Chapman,' the Justice Department announced at the time. Chapman's address came up multiple times after the Federal Bureau of Investigation launched an inquiry. Didenko was arrested by Polish authorities at the request of the Justice Department, seeking the fraudster's extradition. Chapman's residence was searched in October 2023, revealing the illegal 'laptop farm' she ran. She pleaded guilty in February to charges of conspiracy to commit wire fraud, aggravated identity theft, and conspiracy to launder monetary instruments. As part of her sentence, Chapman was ordered to forfeit $284,555.92 that was paid to the Korean workers and was fined $176,850. 'Chapman made the wrong calculation: short term personal gains that inflict harm on our citizens and support a foreign adversary will have severe long term consequences,' Acting Assistant Attorney General Matthew R. Galeotti said of her sentencing. 'North Korea is not just a threat to the homeland from afar. It is an enemy within,' U.S. Attorney Jeanine Ferris Pirro added. 'It is perpetrating fraud on American citizens, American companies, and American banks. 'The call is coming from inside the house. If this happened to these big banks, to these Fortune 500, brand name, quintessential American companies, it can or is happening at your company.' Chapman's case goes beyond her Arizona laptop farm, as the FBI has identified an ongoing threat of foreign nationals posing as Americans to secure remote work. The FBI issued an alert in January warning companies of a large-scale operation targeting the US. The alert noted that companies that outsource IT work to third-party vendors are particularly vulnerable targets. To prevent falling victim to the scheme, the FBI advised hiring managers to cross-reference photographs and contact information with social media to verify that the person applying for the position is really who they say they are. The bureau also noted that requiring in-person meetings and only sending tech material to the address listed on the employee's contact information helps prevent fraud.
The Hill
6 days ago
- Business
- The Hill
Arizona woman sentenced over North Korea tech-worker fraud scheme
An Arizona woman was sentenced to more than eight years in prison on Thursday after she pleaded guilty to helping North Korean tech workers secure remote jobs with hundreds of U.S. firms using false identities. Christina Marie Chapman, 50, of Litchfield Park, Ariz., helped North Korean workers gain IT positions at 309 U.S. businesses as part of a scheme that reaped in more than $17 million, mostly for Pyongyang, according to a Justice Department statement. The department said much of the income was falsely reported to the IRS and Social Security Administration using the names of actual U.S. citizens, who had their identities stolen or borrowed. The scheme created false tax liabilities for 68 Americans whose identities were compromised, according to the DOJ. 'The impacted companies included a top-five major television network, a Silicon Valley technology company, an aerospace manufacturer, an American car maker, a luxury retail store, and a U.S media and entertainment company,' the DOJ said in its release. In the wake of the scheme, U.S. Attorney Jeanine Ferris Pirro urged companies to be more vigilant when vetting remote workers. 'North Korea is not just a threat to the homeland from afar. It is an enemy within. It is perpetrating fraud on American citizens, American companies and American banks. It is a threat to Main Street in every sense of the word,' Pirro said in a statement. 'The call is coming from inside the house. If this happened to these big banks, to these Fortune 500, brand name, quintessential American companies, it can or is happening at your company. Corporations failing to verify virtual employees pose a security risk for all. You are the first line of defense against the North Korean threat,' she added. Last year, the Justice Department made multiple arrests in connection to foreign remote workers who gained U.S. employment with stolen identities. In response to the latest scheme, U.S. District Court Judge Randolph D. Moss ordered Chapman to serve three years of supervised release in addition to the 102-month prison sentence. She will also be required to forfeit nearly $285,000 that was to be paid to the North Koreans and pay a judgement of more than $175,000. Chapman pleaded guilty on Feb. 11 in the District of Columbia to conspiracy to commit wire fraud, aggravated identity theft and conspiracy to launder monetary instruments, the DOJ said.
New York Post
6 days ago
- New York Post
Arizona woman who admitted to helping North Korean tech workers infiltrate US companies gets prison time
An Arizona woman is headed to prison for nearly a decade after perpetuating a fraudulent foreign worker scam that benefited the North Korean government. Christina Marie Chapman, 50, was sentenced to 102 months in a federal lockup for an elaborate scheme that involved helping North Korean residents pose as US citizens and helping them get remote IT jobs at 309 American companies, according to the Department of Justice (DOJ). Advertisement The identities of 68 Americans were stolen in the process. Chapman's scam generated more than $17 million for herself and the government of North Korea and was perpetuated from 2020 to 2023. In furtherance of the operation, Chapman received and hosted laptops in her home from the companies she defrauded, which included a Fortune 500 company, a major TV network, a Silicon Valley tech company and others. Those companies believed they had hired the Americans whose identities Chapman stole. Advertisement 5 Christina Marie Chapman was sentenced to 102 months in a federal lockup for an elaborate scheme that involved helping North Korean residents pose as US citizens. USDC for the District of Arizona 5 Chapman's home where a search warrant was executed in November 2023. USDC for the District of Arizona 5 A South Carolina drivers license Chapman used in the scheme. Department of Justice Instead, the workers were North Koreans barred from working in the US. Advertisement According to the DOJ, Chapman shipped 49 devices to a Chinese city that borders North Korea. More than 90 laptops were recovered from her home upon the execution of a search warrant in 2023. She pleaded guilty in February to conspiracy to commit wire fraud, aggravated identity theft and conspiracy to launder monetary instruments. 5 More than 90 laptops were recovered from her home upon the execution of a search warrant in 2023. Advertisement 5 A screenshot from a TikTok video posted by Chapman. Along with the prison sentence, she is required to forfeit $284,556 that was to be paid to the North Koreans and pay a judgment of $176,850. 'North Korea is not just a threat to the homeland from afar. It is an enemy within. It is perpetrating fraud on American citizens, American companies and American banks. It is a threat to Main Street in every sense of the word,' US Attorney Jeanine Ferris Pirro said. 'The North Korean regime has generated millions of dollars for its nuclear weapons program by victimizing American citizens, businesses and financial institutions,' added FBI Assistant Director of Counterintelligence Roman Rozhavsky. 'However, even an adversary as sophisticated as the North Korean government can't succeed without the assistance of willing US citizens like Christina Chapman, who was sentenced today for her role in an elaborate scheme to defraud more than 300 American companies by helping North Korean IT workers gain virtual employment and launder the money they earned.'
