An Arizona woman named Christina Marie Chapman [3], along with four other individuals, has been arrested and charged by the US Department of Justice for their involvement in a sophisticated employment scheme.


The scheme involved North Korean IT workers posing as US citizens to secure remote jobs at American companies. Chapman and her co-conspirators are accused of helping North Korean hackers infiltrate freelance networks and gain access to sensitive data and systems. The operation exploited the stolen identities of approximately 60 Americans to enable North Korean IT workers to secure employment at over 300 US companies, including Fortune 500 companies [4] [6], a major TV network [6], a defense company [6], a Silicon Valley tech firm [6], and an American car manufacturer [6]. Another US citizen named Minh Phuong Vong from Maryland has also been charged with conspiring to commit wire fraud by securing jobs for North Korean IT workers under his own identity and sending a portion of the salary to North Korea [6]. Additionally, a Ukrainian national named Oleksandr Didenko was arrested in Poland for identity fraud charges related to helping North Korean IT workers use fake identities to obtain jobs at US-based firms. The operation reportedly netted millions of dollars in wages and likely benefitted the heavily sanctioned North Korean regime. The hackers used aliases such as Jiho Han [1], Chunji Jin [1], and Haoran Xu [1], along with their manager [1], Zhonghua [1], to obtain illegal remote jobs in the US [1]. The indictment alleges that Chapman and her co-conspirators committed fraud and stole the identities of American citizens to enable individuals based overseas to pose as domestic [1], remote IT workers [1] [2] [4] [5] [6]. The Criminal Division of the Justice Department is committed to prosecuting complex criminal schemes like this one [1], which benefitted the North Korean government by providing revenue streams and proprietary information stolen by the co-conspirators [1]. The FBI has seized 17 websites used by these workers to conceal their identities and secure employment in American companies [1]. The United States is offering a reward of up to $5 million for information that helps disrupt the employment scheme of North Korean hackers in remote IT positions within American companies [1].


This sophisticated employment scheme involving North Korean IT workers posing as US citizens has had significant impacts on American companies and individuals. The arrests and charges brought by the US Department of Justice highlight the importance of combating such fraudulent activities to protect sensitive data and systems. Moving forward, it is crucial for law enforcement agencies to continue investigating and prosecuting similar schemes to prevent further exploitation and safeguard the integrity of remote IT positions within American companies.