A LinkedIn message drew a former waitress in Minnesota into a type of intricate scam involving illegal paychecks and stolen data
Christina Chapman looked the part of an everyday American trying to make a name for herself in hustle culture.
In prolific posts on her TikTok account, which grew to more than 100,000 followers, she talked about her busy life working from home with clients in the computer business and the fantasy book she had started writing. She posted about liberal political causes, her meals and her travels to see her favorite Japanese pop band.
Yet in reality the 50-year-old was the operator of a “laptop farm,” filling her home with computers that allowed North Koreans to take jobs as U.S. tech workers and illegally collect $17.1 million in paychecks from more than 300 American companies, according to federal prosecutors.
In a June 2023 video, she said she didn’t have time to make her own breakfast that morning—“my clients are going crazy,” she said. Then she describes the açaí bowl and piña colada smoothie she bought. As she talks, at least 10 open laptops are visible on the racks behind her, their fans audibly whirring, with more off to the side.
In 2023, Christina Chapman posted a TikTok that had racks of laptops visible in the background. The Wall Street Journal highlighted the laptops in this clip of the video.
Chapman was one of an estimated several dozen “laptop farmers” that have popped up across the U.S. as part of a scam to infiltrate American companies and earn money for cash-strapped North Korea. People like Chapman typically operate dozens of laptops meant to be used by legitimate remote workers living in the U.S.
What the employers—and often the farmers themselves—don’t realize is that the workers are North Koreans living abroad but using stolen U.S. identities. Once they get a job, they coordinate with someone like Chapman who can provide some American cover—accepting deliveries of the computer, setting up the online connections and helping facilitate paychecks. Meanwhile the North Koreans log into the laptops from overseas every day through remote-access software.
Chapman fell into her role after she got a request on LinkedIn to “be the U.S. face” for a company that got jobs for overseas IT workers, according to court documents. There’s no indication that she knew she was working with North Koreans.
China admitted in a secret meeting with U.S. officials that it conducted Volt Typhoon cyberattacks on U.S. infrastructure, WSJ reports.
China reportedly admitted in a secret meeting with U.S. officials that it carried out cyberattacks on U.S. infrastructure, linked to the Volt Typhoon campaign.
Massive ‘Typhoon’ cyberattacks on U.S. infrastructure and telecoms sought to lay groundwork for potential conflict with Beijing, as intruders gathered data and got in position to impede response and sow chaos
In the increasingly dangerous world of cybercrime, Brian Krebs faces threats, manipulation and the odd chess challenge
The City of London Police had put the teenage boy in the suburban Travelodge to protect him. They even set up a code with him and his mom to signal it was safe to open the door: “Lucky lucky.”
Then they grew suspicious.
The teen had a history with the police. It was September 2022, and 17-year-old Arion Kurtaj had been arrested twice earlier that year for his alleged role in a hacking group that stole data and demanded ransoms from some of the world’s biggest tech companies. Kurtaj, who is autistic, was released both times. The second time, that March, he had been let go under the condition that he stay offline.
AT&T and Verizon are among the broadband providers that were breached
Group critical of AI-generated art says it has obtained swaths of data from Disney’s Slack channels
UnitedHealth Group paid ransom to hackers, person familiar with the cyber investigation says
WhatsApp, Signal and Telegram among apps cut from iPhone app store to comply with censorship demand
The company later restored access to the chatbot, which is owned by OpenAI.
The directive is the latest step in Beijing’s campaign to cut reliance on foreign technology and could hurt Apple’s business in the country.
Hackers exploited a ‘zero-day’ flaw in Ivanti software to breach 12 ministries in Norway
Norway’s security officials warned around 20 critical infrastructure companies, other businesses and public agencies in the country they might also be vulnerable to a cyberattack disclosed Monday that hit 12 government ministries.
Regime has trained cybercriminals to impersonate tech workers or employers, amid other schemes
Cyberspace Administration says chip maker failed review, in a move that seems aimed at hitting back at U.S. chip ban
The iPhone maker is concerned workers could release confidential data as it develops its own similar technology.
Markets have imposed “inadequate costs” on companies that build vulnerable technology, it says.
Ukraine has achieved a cut-price version of what the Pentagon has spent decades and billions of dollars striving to accomplish: digitally networked fighters, intelligence and weapons.
Attorneys general found that Google violated state consumer protection laws by misleading consumers about its location-data practices, tracking consumers even when their location history setting was turned off.
Lloyd’s of London will require its insurer groups globally to exclude catastrophic state-backed hacks from stand-alone cyber insurance policies starting next year.
Cybersecurity experts say the error enabled the theft of records of nearly 1 billion people, including senior officials, leading to a $200,000 ransom note.
