Christina Chapman Gets 8.5 Years for North Korea IT Fraud Scheme

Christina Chapman received an 8.5-years federal prison sentence after pleading guilty to operating a laptop farm that helped North Korean cyber operatives work at over 300 U.S. companies as fake remote IT workers.

Chapman, who lives in the Phoenix area, admitted in a Washington D.C. court that she received and hosted over 90 laptops at her home and shipped 49 laptops and other devices overseas between 2020 and 2023. The scheme sent more than $17 million to North Korea’s government.

She pleaded guilty on February 11, 2025, to conspiracy to commit wire fraud, aggravated identity theft, and conspiracy to launder monetary instruments.

U.S. officials said the laptop farm formed part of a larger revenue network. This network has sent hundreds of millions of dollars to North Korea since 2020 through remote IT support, online gaming services and cryptocurrency laundering.

Justice Department prosecutors said Chapman managed the setup and storage of dozens of laptops that unsuspecting U.S. companies sent to her. North Korean workers used these laptops as local terminals to access corporate systems. 

The operatives worked under stolen identities and held jobs ranging from help-desk support to software testing at Fortune 500 companies, including an automaker, a Silicon Valley tech firm, a media group and an aerospace manufacturer.

While court documents don’t name specific victim companies, separate reports have identified Nike, Jeenie, and DataStaff among those that unknowingly hired the fake workers. These companies only discovered the breach after investigators traced unusual access logs back to Chapman’s Phoenix-area home.

Chapman must forfeit roughly $284,000 in illegal proceeds and pay an additional fine of more than $175,000 under her plea agreement. Prosecutors noted her share represented only a small fraction of the total $17 million she helped send to Pyongyang. U.S. authorities said North Korea used these funds to advance its weapons programs.

Court documents show Chapman managed employment paperwork and corporate correspondence for the remote workers and received a cut of their wages as payment. She told the judge that financial pressures from personal circumstances and limited legal job opportunities led her to participate in the scheme.

Chapman’s sentencing follows a Justice Department operation in January 2025 that seized hundreds of online accounts, websites, and laptops connected to the North Korean IT worker network. Prosecutors have identified additional U.S. nationals and accomplices in China and the United Arab Emirates who supported the widespread laptop farm scheme.

Cybersecurity experts said the case shows how hostile state actors are increasingly targeting organizations by exploiting remote work arrangements rather than using direct malware attacks. They warned that the pandemic-era shift to remote hiring has exposed critical gaps in identity verification and network monitoring.