Shocking Crypto Job Scam: US Woman Gets Prison for Helping North Korean Hackers Steal Millions

Another day, another crypto crime—but this one’s got geopolitical fangs. A US woman just got slapped with prison time for acting as a money mule for North Korean hackers. Who said remote work doesn’t pay?

The scam: Fake crypto job listings lured victims into laundering stolen funds. Classic ‘Wolf of Wall Street’ meets cyber-espionage—except with fewer yachts and more VPNs.

The fallout: Millions vanished faster than a Bitcoin during a bear market. Meanwhile, traditional banks are still clearing checks from 1973.

Why it matters: When nation-state hackers weaponize crypto jobs, everyone loses—except lawyers billing by the hour.

Remember kids: If a ‘crypto recruiter’ DMs you offering 6 figures to ‘move digital assets,’ maybe check if they’re on OFAC’s naughty list first.

Laptop Farm and Fake Identities Used to Deceive US Firms

Chapman admitted to conspiring with North Korean nationals to provide them with stolen or borrowed identities of American citizens. These identities were then used to apply for remote IT positions at 309 US and two international companies between 2020 and 2023.

By presenting fraudulent documents to employers and US government agencies, including the Department of Homeland Security, Chapman helped North Korean workers bypass employment verification systems and receive payments through US financial accounts.

The operation involved a sophisticated set of tactics to maintain the illusion that the North Korean workers were US-based. Chapman reportedly operated a “laptop farm” at her home, hosting work devices from various companies to make it appear that the workers were logging in from American soil.

Authorities seized more than 90 laptops from her residence, and evidence showed she shipped at least 49 devices to locations abroad, including cities NEAR North Korea.

Chapman also helped launder funds through her own accounts, receiving wages and forged payroll checks under the stolen identities. These funds were funneled overseas, with some falsely reported to the IRS and Social Security Administration under the names of unwitting US citizens.

In total, 68 American identities were compromised during the scheme, leading to potential legal and tax complications for the victims. US District Court Judge Randolph D. Moss sentenced Chapman to 102 months in prison, along with three years of supervised release, asset forfeiture of nearly $285,000, and restitution of $176,850.

Broader Implications and Ongoing National Security Concerns

The Department of Justice described the case as one of the largest involving North Korean IT worker infiltration to date. US Attorney Jeanine Pirro emphasized the broader threat posed by such schemes, warning that North Korea’s attempts to bypass sanctions now reach into corporate America.

Pirro called on companies to increase scrutiny over remote hires, noting that failure to verify employment locations opens critical vulnerabilities.

Acting Assistant Attorney General Matthew R. Galeotti described Chapman as a critical enabler for North Korea’s efforts to exploit American companies and financial institutions.

According to the FBI and IRS, the fraud not only financially benefited North Korea but also contributed to funding its nuclear weapons program.

FBI Phoenix has since issued guidance for HR departments to detect fraudulent remote workers linked to North Korea. A 2024 UN report estimated that North Korean IT workers generate between $250 million and $600 million annually through such activities.

Featured image created with DALL-E, Chart from TradingView