William Simpson
washington – An Arizona woman has been charged with conspiring with people linked to the North Korean government to illegally obtain remote telework positions with American companies, federal prosecutors said Thursday.
Christina Chapman allegedly worked with North Korean IT workers Jiho Han, Chunji Jin, Haoran Xu and others as part of a scheme to steal identities from U.S. citizens and obtain remote jobs at U.S. companies using those fake identities, according to charging documents .
In all, Chapman and his co-conspirators allegedly used the identities of more than 60 individuals living in the United States to generate nearly $7 million for the North Korean government from more than 300 U.S. companies.
Prosecutors said some of the companies affected were Fortune 500 corporations, including a major TV network, a defense company and an automobile manufacturer.
Investigators alleged that Chapman even used laptops that were given to his co-conspirators under false pretenses to make it appear they were actually located in the United States and later facilitated the laundering of their wages. The government accused her of operating a “laptop farm” in an unsuccessful attempt to get some of the workers hired by U.S. government agencies, including the Government Services Administration.
She is also accused of helping foreign workers remotely connect to their U.S. jobs via laptops and collecting workers’ paychecks in her home.
Han, Jin and Xu are linked to North Korea’s Department of Munitions Industry, according to a State Department memo offering $5 million for information leading to the disruption of the scheme. The department deals with ballistic missiles and weapons production.
They are accused of working with Chapman in an effort to launder the illicit money back into North Korea.
Chapman was arrested in Phoenix on Thursday.
“The charges in this case should serve as a warning to American companies and government agencies that employ remote IT workers. These crimes benefited the North Korean government by providing it with a revenue stream and, in some cases, proprietary information stolen by co-conspirators,” Nicole M. Argentieri, head of the Justice Department’s Criminal Division, said in a statement.
Federal investigators said that since at least 2020, the IT group has been working to devise a remote work scheme at U.S. companies that resulted in false identifying information being transmitted to government agencies.
Prosecutors say that in March 2020, an unknown individual contacted Chaman on LinkedIn and asked him to “be the American face” of his company.” From August 2022 to November of last year, workers in North Korea allegedly began store relevant resumes. And they used an online background check system to target specific American citizens in an effort to steal their identities, the indictment said.
According to the indictment, the complex scheme required foreign workers to develop “fictitious personas and online profiles to match job requirements” and submit false documents to the Department of Homeland Security as part of “a verification of employment eligibility.”
The messages show Chapman allegedly talking to his co-conspirators about transferring money earned from these jobs.
The charges were announced Thursday along with a criminal complaint filed against a Ukrainian man accused of a similar scheme in which he helped individuals in North Korea “promote” themselves as remote IT workers.
