$17 Million Scam: U.S. Woman Helped North Korean IT Workers Gain Employment and Send Funds to Pyongyang
How one woman deceived Silicon Valley companies on a massive scale.
A 48-year-old U.S. citizen, Kristina Marie Chapman, has pleaded guilty to orchestrating a large-scale fraud scheme that enabled North Korean IT specialists to secure jobs at hundreds of American companies. The salaries they earned—totaling $17.1 million—were funneled back to North Korea.
Chapman facilitated the employment of North Korean tech professionals in U.S. firms by using forged documents and the stolen identities of over 70 unsuspecting American citizens. Employment contracts were issued under these false identities, allowing the illicit transfer of funds to Pyongyang.
According to the FBI, these North Korean operatives infiltrated major corporations, including telecom giants, defense contractors, automotive manufacturers, and high-tech firms in Silicon Valley. In some cases, they even attempted to gain employment at two U.S. government agencies but were denied access.
Chapman is not the only one facing legal action. Another suspect, Alexander Didenko, was arrested in 2024, and U.S. authorities are seeking his extradition. Investigators have also identified three North Korean individuals whom Chapman and Didenko assisted. The U.S. State Department has linked these individuals to North Korea’s military-industrial complex, including the development of ballistic missiles and other weaponry.
The U.S. government is intensifying its crackdown on North Korea’s illegal employment schemes under the DPRK RevGen: Domestic Enabler program. In recent weeks, two other Americans have been charged in similar cases.
The FBI warns that, in response to stricter law enforcement measures, North Korea is increasingly resorting to cyberattacks. Recent incidents include extortion, data theft, and ransomware attacks targeting companies. North Korean hackers have been demanding ransoms for stolen information, threatening to leak or erase critical data if their demands are not met.
Meanwhile, cybersecurity firms are facing a new challenge: cybercriminals are leveraging artificial intelligence and deepfake technology to impersonate software developers and secure jobs at tech companies. One such incident was reported by Vidoc Security Lab, where fraudsters successfully passed initial interview stages before being exposed as imposters.
