U.S. Charges Five in North Korea Cyber Scheme

Five individuals charged in schemes benefiting North Korea's weapons program.

Charges were unsealed today against an Arizona woman and four foreign nationals accused of participating in schemes to place overseas Information Technology (IT) workers, posing as U.S. citizens and residents, in remote positions at U.S. companies. These schemes allegedly benefited individuals associated with North Korea, aiding its government and illicit nuclear program.

The charges were announced by U.S. Attorney Matthew M. Graves, Principal Deputy Assistant Attorney General Nicole M. Argentieri, FBI Assistant Director in Charge Jim Smith, FBI Special Agent in Charge Akil Davis, and IRS-Criminal Investigation Acting Special Agent in Charge Carissa Messick. This case represents the largest ever charged by the Justice Department involving the IT workers scheme.

Christina Marie Chapman, 49, from Litchfield Park, Arizona, is charged with multiple counts including conspiracy to defraud the United States, wire fraud, bank fraud, and identity theft. Three foreign nationals, identified by aliases Jiho Han, Haoran Xu, and Chunji Jin, are also charged alongside Chapman. Oleksandr Didenko, 27, from Kyiv, Ukraine, faces similar charges in a separate complaint.

The charges reflect a long-term campaign by the North Korean government to infiltrate U.S. job markets to raise revenue for its nuclear program. U.S. Attorney Matthew M. Graves emphasized the broad approach to attacking funding sources for North Korea across the United States.

Chapman and her co-conspirators allegedly stole identities of American citizens to enable overseas individuals to pose as domestic IT workers. This fraud reportedly generated at least $6.8 million for the overseas workers, many of whom were connected to North Korea. Chapman hosted a “laptop farm” in her home to make it appear that overseas computers were U.S.-based and managed financial transactions for these workers.

Didenko is accused of creating accounts on U.S.-based freelance IT platforms using false identities, including those of U.S. persons, and selling them to overseas IT workers. His company, “UpWorkSell,” advertised services to allow individuals to pose under false identities and market themselves for remote IT work. Didenko was arrested in Poland and the U.S. is seeking his extradition.

If convicted, Chapman faces up to 97.5 years in prison, while Didenko faces up to 67.5 years. The case against Chapman was investigated by the FBI’s Phoenix Field Office and IRS-Criminal Investigation’s Phoenix Field Office. The case against Didenko was investigated by the FBI’s New York Field Office.

The U.S. Department of State announced a reward of up to $5 million for information related to Chapman’s co-conspirators. Updated guidance on the North Korea IT worker threat is available at the following links: May 2022 advisory and October 2023 guidance.

An indictment and a complaint are merely allegations, and all defendants are presumed innocent until proven guilty in a court of law.

Source: Read Original Release