tl;dr
Christina Marie Chapman, an Arizonan TikTok influencer, was sentenced to 8.5 years in prison for helping North Korean operatives fraudulently secure remote IT jobs at over 300 U.S. companies to fund North Korea’s sanctioned weapons program. Convicted of wire fraud conspiracy, aggravated identity the...
An Arizonan TikTok influencer, Christina Marie Chapman, received an 8.5-year prison sentence for aiding North Korean operatives in fraudulently securing remote IT jobs at hundreds of U.S. companies. The scheme was designed to fund North Korea’s sanctioned weapons program. Chapman was convicted in the District of Columbia on charges of wire fraud conspiracy, aggravated identity theft, and money laundering conspiracy. She was also ordered to pay restitution of $176,850 and forfeit over $284,000.
FBI Counterintelligence Assistant Director Roman Rozhavsky emphasized that the North Korean regime has generated millions for its nuclear program by exploiting American citizens, businesses, and financial institutions. He noted that even sophisticated adversaries like North Korea rely on the cooperation of willing U.S. citizens, such as Chapman, to succeed.
The case highlights North Korea’s covert strategy to infiltrate foreign firms, especially in the tech and cryptocurrency sectors. U.S. officials reveal that Pyongyang distributes thousands of skilled IT workers worldwide using false identities to obtain remote jobs. These operatives either funnel earnings back to North Korea or facilitate cyberattacks, particularly targeting crypto platforms.
Crypto platforms have become especially vulnerable, with North Korean hackers stealing $1.34 billion in cryptocurrency in 2024 alone—a 21% increase from the previous year, according to Chainalysis. Chapman, who had over 100,000 TikTok followers, was approached via LinkedIn around 2020 and operated a "laptop farm" from home. She hosted remote-access computers sent by companies, allowing North Korean workers to appear as U.S.-based employees. Authorities seized over 90 laptops from her residence and discovered she had shipped 49 devices overseas, including to a city in China near North Korea.
Using stolen or borrowed identities, the operatives earned millions through direct deposits or forged payroll checks. Chapman laundered the money through her accounts and sent it abroad, falsely reporting income to the IRS and Social Security Administration under real U.S. citizen names. Over several years, Chapman helped secure jobs for North Korean workers at more than 300 U.S. firms—ranging from Fortune 500 companies to major television networks, aerospace manufacturers, and Silicon Valley tech companies. Three North Korean accomplices remain at large.
North Korean operatives employ various deceptions such as VPNs, fake identities, and hiring intermediaries for initial job interviews to conceal their origins. Fraser Edwards, CEO of the UK company Cheqd, described several infiltration attempts his firm faced. Edwards noted suspicious signs like Korean characters appearing during screen sharing and IP addresses routing through proxies to avoid detection. He also mentioned that North Koreans now use European actors for early-stage interviews, making their infiltration efforts more difficult to spot. Even when their ruse is uncovered, these operatives often quickly shift to new fake identities and job postings.