An Arizona woman is sentenced to 8½ years for running a laptop farm that enabled North Korean operatives to infiltrate U.S. tech firms.
A woman from Arizona has been sentenced to over eight years in federal prison for assisting North Korean operatives in the infiltration of US cryptocurrency and tech firms through the use of stolen identities and fraudulent documents.
Christina Marie Chapman was found guilty of a conspiracy of wire fraud, aggravated identity theft, and money laundering, per a proclamation made by the US Attorney’s Office for the District of Columbia on Thursday. She was sentenced to 102 months, which equates to approximately 8.5 years in incarceration.
Prosecutors allege that Chapman collaborated with individuals affiliated with the Democratic People’s Republic of Korea (DPRK) to secure remote IT positions at over 300 U.S.-based organizations.
The North Korean laborers assumed the identities of US citizens and residents, and the scheme generated over $17 million in illicit revenue.
On February 11, Chapman entered a plea of guilty. Chapman was also required to serve three years of supervised release, forfeit over $284,000 in funds associated with the conspiracy, and pay nearly $177,000 in restitution, in addition to her prison sentence.
The trend of DPRK infiltration is on the rise.
The case is one of the most significant information technology worker conspiracies in the DPRK that the US Department of Justice has prosecuted. It entailed the theft of the identities of 68 US individuals and the defrauding of 309 US enterprises and two international companies.
Nevertheless, this is not an uncommon occurrence. According to recent reports, four North Korean individuals infiltrated a US crypto startup and a Serbian virtual token company by assuming the identities of remote IT workers, using stolen and fabricated identities. They were able to plunder over $900,000.
The US Treasury sanctioned two individuals and four entities earlier this month for their alleged involvement in a North Korean-operated IT worker conspiracy that was intended to infiltrate cryptocurrency companies to exploit them.
North Korea utilizes the illicit funds to fund its weapons of mass destruction program, as stated in an X post by the US Treasury Department at the time.
Web3 initiatives were infiltrated by hackers posing as legitimate information technology (IT) workers last month, resulting in the theft of approximately $1 million in cryptocurrency.
Jamie Collier, an adviser to the Google Threat Intelligence Group (GTIG), warned in early April that DPRK infiltrators had also been discovered in UK crypto companies. North Korean hackers were able to infiltrate “hundreds” of large, multinational information technology firms, according to reports from late November 2024.
What are the legal repercussions for American companies?
Some legal professionals caution that companies that employ fraudulent workers may be held accountable under US sanctions law, even if they were unaware of their true identities.
Aaron Brogan, a US litigator specializing in cryptocurrency, stated to Cointelegraph that the sanctions regimes in the United States are “extremely extensive” and enforce a “strict liability” policy. “Technically, any individual who participates in sanctioned activity, intentionally or unintentionally, is guilty.”
The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) is routinely violated by paying DPRK-based developers, according to Niko Demchuk, head of legal at crypto compliance firm AMLBot, in an interview with Cointelegraph.
He stated that companies engaged in such activities are at risk of civil penalties, criminal fines, reputational harm, secondary sanctions, and banking or export control violations. He further stated that the utilization of stolen identities by DPRK actors is not a valid justification:
“If DPRK developers use fake or stolen identities to bypass company sanctions compliance checks and receive payments, the companies could still face legal trouble under OFAC regulations.“
Nevertheless, Brogan stated that it is doubtful that OFAC will pursue companies that have inadvertently employed fraudulent workers.
Nonetheless, he stated that the situation would be different “if the scope of work was extremely sensitive and they failed to adhere to reasonable identification verification procedures.”