The Journal. - The Everyday American Who Hustled for North Korea
Episode Date: June 3, 2025Christina Chapman presented herself as just another influencer on TikTok. In reality, she operated a “laptop farm” that allowed North Koreans to take jobs as U.S. tech workers and scam more than 3...00 U.S. companies out of millions of dollars. WSJ’s Robert McMillan breaks down the scam and Chapman’s crucial role in it. Annie Minoff hosts. Further Listening: - North Korea's Propaganda Mastermind - Your New Hire May Be a North Korean Spy - Hack Me If You Can Sign up for WSJ’s free What’s News newsletter . Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
Bob, can you tell me about this influencer you've been watching on TikTok?
Yeah, her name is Christina Chapman.
Hi, Lovies.
I just wanted to pop on for a second.
And she talks about food accountability.
I guess it's day three.
Day three.
Day two of accountable, accountable eating.
She talks about political causes.
That I will support and defend the Constitution of the United States.
She talks about Japanese boy bands.
And I'm wearing my shirt.
Epidemia!
This is not official march.
These are shirts that I made myself.
And every now and then,
she'll slip in something about maybe a Renaissance fair,
you know, just the kind of things that people want to watch TikTok videos about.
Our colleague Bob McMillan covers cybersecurity.
And there's one video of Chapman's in particular that he says is a bit unusual.
On its face, it's pretty innocuous.
Chapman's showing her followers some breakfast that she picked up.
I just got a smoothie bowl.
It's an acai smoothie bowl and it has banana, strawberries,
mangoes, and some coconut.
What's really interesting to me is that it's not shot in her kitchen.
It's shot in her spare room, but the racks on the wall of the room, no pictures or anything,
just these racks.
And on the racks are laptop computers.
I counted at least 10 laptop computers with different colored sticky notes on them.
And the computers are worrying away in the background there as she talks about the smoothies she's eating.
So it doesn't really taste like pina colada anymore.
But it's good.
What was Christina Chapman doing with ten laptops in her spare room?
Well, according to a federal indictment...
What she's doing is a scam.
And what the scam is called is laptop farming.
The U.S. government says that Christina Chapman was a laptop farmer, and her employer was
North Korea.
She's facilitating a multimillion dollar fraud that's designed to bring money into the heavily sanctioned
North Korean regime.
Welcome to The Journal, our show about money, business, and power.
I'm Annie Menoff.
It's Tuesday, June 3rd. Coming up on the show, how an everyday American helped North Korea scam corporate America. The new BeMo VI Porter MasterCard is your ticket to more.
More perks.
More points.
More flights.
More of all the things you want in a travel rewards card.
And then some.
Get your ticket to more with the new BeMo VI Porter MasterCard and get up to $2,400
in value in your first 13 months.
Terms and conditions apply.
Visit bemo.com slash V.I. Porter to learn more.
What's better than a well-marbled ribeye sizzling on the barbecue?
A well-marbled ribeye sizzling on the barbecue that was carefully selected by an Instacart
shopper and delivered to your door.
A well-marbled ribeye you ordered without even leaving the kiddie pool.
Whatever groceries your summer calls for, Instacart has you covered.
Download the Instacart app and enjoy zero dollar delivery fees on your first three orders.
Service fees, exclusions, and terms apply.
Instacart. Groceries that over-deliver.
groceries that over deliver.
Hi, everybody. TikTok fam. I need some help and I don't know really how to do this.
In January 2021, Christina Chapman took to TikTok to check in with her followers. Her financial situation was precarious.
I mean, she had worked as a waitress, as a massage therapist, and right around 2019,
she decided to sort of reinvent herself in the era of the gig economy.
She went to a tech boot camp and got some web development skills.
But it wasn't paying out, right?
Like she was living in a small town north of Minneapolis, basically in a trailer.
I'm classified as homeless in Minnesota.
I live in a travel trailer.
I don't have running water.
I don't have a working bathroom.
And now I don't have running water, I don't have a working bathroom, and now I don't have heat.
But Chapman's situation was about to turn around.
In fact, the answer to her financial troubles
had arrived just a few months before she posted that video
in the form of a social media message.
The message comes via LinkedIn,
and it says, we're a foreign company looking for a U.S.
representative.
That's really all we know about the message.
We do know that Chapman agreed to help out.
And according to court documents, we know who that message came from.
North Korean scammers.
Chapman had stumbled into what's become a vast scam designed to bring hundreds of millions
of dollars into North Korea.
It took off during the pandemic, when many U.S. tech jobs moved online.
And it works like this.
North Koreans trained in IT apply for remote jobs in the U.S.
Those workers get hired, start work, and get paid. All under false identities.
— It's almost always a tech job, right?
So it's quite often coding.
— And do they do the job?
— Yeah, they do, you know.
Like, I've heard stories of these—
some North Koreans, they just kind of—
they get hired, they log into a couple meetings,
they never say anything, and then they're quickly fired.
Right? And then some apparently last for years.
According to the FBI, their paychecks likely get funneled to the North Korean regime, where
the money may help fund things like the country's nuclear weapons program.
This is sort of their latest hustle and it's a pretty lucrative one.
The FBI estimates they make hundreds of millions of dollars a year from this.
But the other problem is that they also steal data and they extort their employers.
What kind of stuff?
Well, I mean, whatever they can get their hands on.
These North Korean scammers have been able to infiltrate a wide range of industries,
from retail to the auto industry, even to cybersecurity.
There's one cybersecurity company, I don't know who it is, but they apparently hired
nine workers that turned out to be North Koreans.
That is wild to me. Imagine being a North Korean hacker and applying for a job at a
cybersecurity company. Yeah, imagine getting it.
Richard, what are you looking for in terms of challenges with this job?
I'm looking for any challenges and opportunities for my professional growth.
The U.S. cybersecurity company CrowdStrike shared a video with the journal.
It shows just how adept North Korean scammers have become at acing job interviews.
So maybe in the next five years later,
I can see myself on a little position,
but right now I'm looking for a individual contributor role.
Scammers have no problem doing interviews,
showing up for Zoom meetings, and coding remotely.
But there are some tasks that they can't do,
tasks that require them to be physically present in the US.
But the scammers have found a way around this too.
They'll just hire some random person to show up at the company, pretend to be the worker
whose identity they've stolen, and collect their laptop or collect a badge.
They will hire people to receive packages to reship things if they need somebody to
be in a certain state or something like that. The companies have these controls you know to make sure
that the people that they're hiring are legitimate and the North Koreans are
just like remarkably creative and just hiring somebody to solve any kind of
control you have. One key hire is the laptop farmer. How important is the
laptop farmer in all of this?
Yeah.
It's like the heart and soul of it all, right?
Because corporations don't react well to employees logging in from North Korea.
You need to look like you're connecting to the corporate internet from America.
Laptop farmers help make that happen.
They receive North Koreans' work laptops and help set them up so that the scammers can
operate them remotely.
They also help with logging on in the morning and logging off at night.
And that's what Christina Chapman did.
After she got that LinkedIn message, Chapman became one of what researchers estimate
could be dozens of laptop farmers
who've cropped up all across the US.
Christina receives the laptops
that these remote workers get issued as part of their jobs,
and she sets them all up
and makes them all run from her room.
But according to the indictment,
that was just the beginning.
Christina Chapman did a lot of things for her clients that were crucial to the whole
fraud and she kind of operated like a staffing agency for illegal workers.
How laptop farming transformed Chapman's life? That's after the break.
By January, 2023, Christina Chapman was much more than a veteran laptop farmer.
She was like an HR representative,
administrative assistant and tech support,
all rolled into one person.
She's basically responding to all the requests that are coming in to all these North Korean workers
to just making sure they get through the HR onboarding.
When you get hired, you got to fill out W-2s.
So much paperwork.
You got to provide a proof that you can work in the United States.
You have to install some sort of remote access tool on the laptop so that the North Koreans can connect to it and
pretend to be working from that laptop. And you know sometimes she she she seemed
a bit worn out from all the dip. She talks about the demands of her clients
and how demanding they were.
I did not make my own breakfast this morning. My clients are going crazy, so I just...
How much money was she making in this job?
Well, she made okay money, you know,
not like crazy amounts of money.
I mean, according to the feds, she brought in,
in the paychecks that were paid to the fake workers
that worked through her laptop farm
amounted to more than $17 million.
Wow.
And she made a percent of that in fees.
Chapman's total earnings amounted to just under $177,000 over two years.
With that money, she was able to move into a four-bedroom house in Phoenix with a roommate.
He'd even had a yard for her three chihuahuas, Henry, Serenity, and Berrito.
And she could afford to treat herself once in a while.
This one video really stood out to me.
She's in her backyard.
She's unboxing this Carla Rockmore jewelry.
Chapman opens the packaging to reveal a $72 green ring.
Look at how beautiful that is.
It is such an elegant statement piece.
So beautiful.
You know, and she's so excited.
And she at one point she says, I've never purchased jewelry with care instructions before.
This is my first jewelry I've ever purchased with care instructions.
That same day, Chapman posted about going to a comedy show where drunken actors perform Shakespeare.
And she talks about how she wants to bid for the Queen's seat there, and that's the cushion seat, and then she gets it.
Today I got to be Queen... Queen... for the night.
And I got to die. I got to act out my death.
And it was amazing.
Such a contrast from the woman who was crying on the TikTok
and now can afford to have the queen's seat.
Yeah, I mean, she was showering in her gym,
you know, a couple of years earlier,
and now she's got the queen's seat at Drunken Shakespeare.
But then, in October of 2023, Chapman's life took yet another turn.
The FBI knocks on her door and they seize all these laptops. They seize 90 devices from
her house. And, you know, that's the end of it.
In early 2024, Chapman was arrested and charged with fraud, identity theft, and money laundering.
She pleaded guilty.
She's due to be sentenced next month and could face just over nine years in prison.
Did she know she was doing the bidding of the North Koreans?
Well, there's no evidence to show that she knew she was working with the North Koreans,
but there's excerpts of her chats that are included in charging documents. It's pretty clear. She knew she was doing something illegal
she talks about the illegality of you know
Signing federal forms and forging signatures and things like that
Without her laptop farming job Chapman found herself back in a familiar situation
Trying to string together enough gig work to make ends meet.
At one point she does DoorDash in Phoenix and makes like $7.25 for the night.
She tries to sell coloring books, she tries GoFundMe's, she just tries anything she can to kind of keep herself housed.
According to her attorney, Chapman is currently living at a homeless shelter.
She's right back where she started.
Even worse, yeah.
Now that this has become such a pervasive problem,
how are government agencies and companies fighting back against this North Korean remote worker scam? You know it's funny I interviewed the CSO of
Amazon a couple of weeks ago and he was aware of this problem and I said what do
you do about it and he said bring your employees in five days a week. For any
boss who's been looking for an excuse to bring people back to the office, this is
it.
I mean, you got to meet them face to face.
You got to bring them in.
This is a huge problem.
There's no driver's license for the internet, right?
And it is basically impossible to really know that you are meeting somebody who is who they claim to be, right?
Like, so if you deal with financial institutions or the government,
they have all these systems to sort of establish...
Security questions, two-factor...
Security questions, all this stuff.
And what the North Koreans have shown with this laptop farming phenomenon
is a big part of it can be circumvented by just hiring somebody
through a gig economy website to cheat it.
Criminals are just able to pretend to be anyone they want. That's all for today, Tuesday, June 3rd.
The Journal is a co-production of Spotify and The Wall Street Journal.
If you like the show, follow us on Spotify or wherever you get your podcasts.
We're out every weekday afternoon.
Thanks for listening.
See you tomorrow.