IIn March 2020, around the time of the communist pandemic, Christina Chapman, a woman living in Arizona and Minnesota, received a message about LinkedIn asking her to “become the American face of the United States” and help overseas IT workers get remote employment.
With working from home becoming the norm for many, Chapman was able to find jobs for foreign workers in hundreds of U.S. companies, including some of the Fortune 500 companies such as Nike; “a Prime Minister’s Silicon Valley Technologies Company”; and one of the world’s most well-known media and entertainment companies.
Employers think they are hiring U.S. citizens. They are actually North Korea.
Chapman participated in the North Korean government’s plan to deploy thousands of “highly skilled IT workers” by stealing identities to make it look like they are in the United States or other countries. They raised millions of dollars to promote the government’s nuclear weapons development. U.S. Department of Justice and court records.
Chapman’s weird story (who ended up being sentenced to eight years in prison) is a strange geopolitical, international crime and a tragic story of a woman, tells a tragic story of isolated and works from home in a show-based economy, increasingly happening through computer screens, and it’s hard to tell the truth from the novel.
Secret North Korean workers not only help U.S. rivals – dictatorship, according to federal government and cybersecurity experts Under international sanctions In its weapons program – but also steals its identity and can hurt domestic companies by “making malicious cyber-invasion” into its network.
“Once Covid hits, everyone really gets virtual work, and a lot of the technical work never comes back to the office,” said Benjamin Racenberg, senior intelligence manager at cybersecurity firm NISOS.
“The company quickly realized: I can get good talent from anywhere. North Koreans and other job fraudsters have realized that they can trick the recruitment system into finding jobs. I don’t think we have enough communities to prevent this.”
To make plans, North Koreans need facilitators in the U.S. because these companies are “not willing to send laptops to North Korea or even China,” said Adam Meyers, head of the strikeback at cybersecurity firm CrowdStrike.
“They found someone who was also looking for a gig economics job and they said, ‘Hey, we’d love to make $200 per laptop for you.”
Chapman grew up in an abused home, drifting “between low-paying jobs and unstable housing”, According to the document Submitted by her attorney. In 2020, she also cared for her mother who was diagnosed with kidney cancer.
About six months after LinkedIn news, Chapman started running what law enforcement officers called “laptop farms.”
In addition to hosting a computer, she also helps North Koreans as U.S. citizens by verifying stolen identity information. Send some laptops abroad; log in to the computer so foreign workers can connect remotely; according to court documents, and receive salaries and transfer money to workers.
Meanwhile, North Koreans created fictional roles and online profiles to meet job requirements for remote IT worker positions. They often find jobs through staffing agencies.
In one case, the “Top Five National Television Networks and Media Companies” based in New York hired one of the North Koreans as a video mobility engineer.
The person pretending to be “Daniel B” asked Chapman to join the Microsoft team with his employer so that accomplices could join as well. The indictment does not list the full name of the victim.
“I just typed in Daniel’s name,” Chapman told North Korea, according to court records for online conversations. “If they ask you why you use two devices, just say the microphone on your laptop is not working properly.”
“Okay,” the foreign actor replied.
Chapman replied: “Most people can explain it.”
Chapman knew her actions were illegal.
“I hope you guys can find other people to do your body I-9. This is federal documents. I will send them for you, but let others do paperwork. I can go to federal prisons to fake federal documents,” Chapman wrote to her colleagues.
Chapman is also active on social media. In a video released in June 2023, she talked about having breakfast on the trip because she was busy and her clients were “crazy!” Online Report.
Behind Chapman is the shelves of at least a dozen open laptops with sticky notes. In October 2023, federal investigators raided her home and found 90 laptops. In February, she pleaded guilty to conspiracy to commit wire fraud, aggravated identity theft and conspiracy to conspiracy to launder money instruments.
During the three years Chapman worked with North Koreans, some employees received hundreds of thousands of dollars from a company. Overall, the plan created $17 million for Chapman and the North Korean government.
According to the Justice Department, the fraudsters also stole the identities of 68 people, who also took on false tax liabilities at the time.
Chapman thanked the FBI for arresting her in a letter to the court before the sentence, as she had been trying to get rid of the people I worked with for some time [sic] And I’m not sure what to do.”
“The area we live in is not offering many job opportunities that suit my needs,” Chapman wrote. “I send out the most sincere apology to those who are hurt. I’m not a person trying to hurt anyone, so knowing that I’m part of a company designed to hurt people has been devastatingly devastating.”
Last week, U.S. District Judge Randolph Moss sentenced Chapman to more than eight years in prison; confiscation of $284,000, which would be paid to North Koreans and a $176,000 fine.
Chapman and her accomplices are not the only ones who have committed this fraud. In January, the federal government also accused two North Korea of two, a Mexican citizen and two U.S. citizens, a program that helped North Korean IT workers find jobs and earned at least $866,000 in revenue. Ministry of Justice.
Racenberg of NISOS said he hopes cybercriminals use artificial intelligence to “get better and better” when implementing such solutions.
Racenberg said the company should conduct “open source research” for applicants because fraudsters will reuse resume content.
“If you put the first few lines of your resume in it, you might find two online, three other online resumes that are exactly the same as these very similar companies or similar dates,” Racenberg added. “That should raise some flags.”
In the interview, if there is background noise sounds like a call center, or if the applicant refuses to remove fake or blurred backgrounds, this may also be a reason for people to pay attention to, Meyers’ Crowdstrike said.
Racenberg said the company should ask new employees to visit the office to pick up their laptops instead of mailing them, because this allows the company to see if the person who appears is the same as the person you interviewed.
Five years after the pandemic, more and more companies are also starting to ask for employees Return to the office At least part-time. If all companies do this, will it eliminate the threat?
“Yes, that’s going to stop all this from happening,” Racenberg said. “But are we going back? Probably not.”
Health & Wellness Contributor
A wellness enthusiast and certified nutrition advisor, Meera covers everything from healthy living tips to medical breakthroughs. Her articles aim to inform and inspire readers to live better every day.
