In 1924, an innocuous American house might’ve hidden a speakeasy, slinging illegal booze to thirsty patrons during Prohibition. In 2020, you might’ve found the same house hiding dozens of Bitcoin miners. But in 2024, an American house hid a data center run by hackers operating it remotely from North Korea—and the US resident who took the job to keep it ticking is going to prison.
After a federal investigation and arrest, Christina Chapman will serve 8.5 years in prison, followed by three years of supervised release and paying back hundreds of thousands of dollars in restitution, if possible. Chapman was certainly not unaware of the illicit nature of her activities—”I can go to federal prison for falsifying federal documents,” one of her chat logs correctly notes—but she is arguably, at least partially, a victim herself.
50-year-old Chapman was searching for a remote job that would allow her to take care of her mother who was battling cancer, according to a letter sent to the judge, when she found the opportunity that would result in her arrest. That job was essentially to be a facilitator for yet more remote workers, in reality North Korean agents posing as Americans in hundreds of US companies, stealing both funds and secrets.
Through a combination of identity theft and remote access tools like VPNs and proxies, these agents posed as remote workers while operating out of a coordinated operations center in the isolated and heavily sanctioned hermit country. The FBI estimates that the fraud netted $17 million USD by the time it unraveled.
Ars Technica reports that Chapman’s job was to be the “warm body” on American soil. In addition to receiving and forwarding paychecks, she would take possession of company-issued laptops, sometimes operating them manually out of her home, sometimes sending them to yet more middlemen in China to be passed on to North Korea. When the FBI finally arrested her, there were more than 90 laptops in her home, open and running on racks, operating as an ad hoc data center.
Prosecutors said the hackers, employed under false identities, worked for “a top-5 national television network and media company, a premier Silicon Valley technology company, an aerospace and defense manufacturer, an iconic American car manufacturer, a high-end retail chain, and one of the most recognizable media and entertainment companies in the world.” Many were Fortune 500 companies, like Nike.
North Korea has a long history of sophisticated hacking, including massive malware operations and directed attacks at other countries and Western corporations. The most visible to ordinary people is probably the infamous hack of Sony Pictures in 2014, apparently carried out in retaliation for the comedy movie The Interview, which depicts a fictional version of North Korean dictator Kim Jong Un. But more recent attacks have focused on lucrative ransomware and deep intelligence operations. The rise of generative “AI” tools has fueled a sophisticated campaign of applying for and receiving jobs posing as remote workers from other countries. There’s a growing list of people who have discovered that their new coworker wasn’t who they pretended to be.
Chapman was effusive in her letter to the federal judge before sentencing, thanking the FBI for their work even though it resulted in a lengthy prison stay. “I had been trying to get away from the guys that I was working with for awhile and I wasn’t really sure how to do it… While this wasn’t the ideal way to get away from them, it did indeed get me away from them and I am thankful.”
Login to add comment
Other posts in this group
If there’s one thing you absolutely need every day, it’s a fast charg
Beginning today, Microsoft is debuting Copilot Mode for Edge, an expe
Sam Altman, the face of ChatGPT, recently made an excellent argument
Microsoft has tacitly confirmed that the mandatory Windows 11 24H2 up
The prices for VPNs nowadays can vary widely from absolutely free to
