- TikTok influencer Christina Chapman received 102 months prison for helping North Koreans get remote jobs at 300+ U.S. companies using stolen identities.
- She ran an Arizona “laptop farm,” shipped devices overseas, and faked U.S. locations so operatives could access payroll systems undetected.
A U.S. court sentenced TikTok influencer Christina Marie Chapman to 102 months in prison. Chapman assisted North Korean information technology workers in securing remote employment with over 300 American companies.
According to court documents, Chapman operated a “laptop farm” from her Arizona residence. She obtained stolen or borrowed U.S. identities. These identities allowed North Korean operatives to apply for remote jobs falsely.
When U.S. companies hired these workers, Chapman connected company-provided laptops to individuals near North Korea. This setup made it appear work originated within the United States. Chapman shipped at least 49 laptops overseas, including near the China-North Korea border.
Authorities searched Chapman’s home in 2023. They found over 90 laptops. Many displayed false identity labels. This operation enabled access to corporate systems and U.S. payroll payments.
The Justice Department states Chapman used 68 stolen identities. Her actions deceived 309 U.S. companies and two international businesses. Applications even targeted U.S. government agencies, though unsuccessfully.
Furthermore, the scheme moved approximately $17 million out of the United States. Officials confirm North Korea used these funds for sanctioned activities. Payments often traveled via digital currency channels.
Specific cryptocurrency firms were not identified in court filings. However, U.S. intelligence reports consistently identify the digital currency sector as a frequent target for North Korean remote work infiltration. North Korea has a documented history of placing workers in Western firms, particularly within digital currency startups.
Chainalysis data indicates North Korea acquired $1.34 billion in digital currency through theft during 2024.
Meanwhile, authorities highlight a vulnerability. Remote hiring processes within the digital currency industry often involve fewer identity confirmation steps. This characteristic attracts operatives linked to North Korea.
Law enforcement agencies report increased detection efforts. Despite this, officials estimate hundreds of North Korea-connected IT personnel remain employed inside global companies. This includes businesses operating within the digital currency space.
