WSJ Tech News Briefing: Remote Work Is Convenient for Employees…and North Korean Scammers

Episode Release Date: May 30, 2025
Host: Victoria Craig
Reporter: Bob McMillan
Publication: The Wall Street Journal

Introduction

In this episode of WSJ Tech News Briefing, host Victoria Craig explores the darker side of the remote work revolution. While remote employment offers significant benefits for American workers, it has inadvertently created opportunities for sophisticated scams orchestrated by North Korean operatives. This detailed analysis delves into how these scams operate, their impact on both individuals and corporations, and the broader implications for the tech industry.

The Emergence of Laptop Farms

Victoria Craig introduces the concept of "laptop farms," a new form of gig economy job that has surfaced post-COVID-19 alongside the surge in remote work. These operations are not advertised publicly but are typically recruited through platforms like LinkedIn or gig work websites.

Key Insights:

• Laptop Farmers: Individuals who receive laptops to ship to fake workers posing as employees of legitimate U.S. companies. These devices are then remotely controlled by North Korean workers to perform various tech tasks such as Python development.
• Bob McMillan explains, “This is a new gig economy job...you get a request maybe via LinkedIn or some kind of gig work site that asks if you want to help a foreign company with U.S. representation.” (02:14)

Case Study: Christina Chapman

Christina Chapman exemplifies the human element within these scams. Initially living in dire circumstances—a trailer in Minnesota without heat and relying on gym showers—Chapman was lured into the scheme through a deceptive job offer on LinkedIn.

Notable Quotes:

• Chapman’s life was significantly improved by the job, yet it was entirely illegal. As Bob notes, “[...] she was desperate and it really did turn her life around. The problem is it’s completely illegal.” (04:18)
• Post-discovery, Chapman faced severe repercussions, ending up in a homeless shelter despite her initial financial relief from the scam.

Modus Operandi: Infiltrating Corporate America

Bob McMillan details the sophisticated methods North Korean scammers use to infiltrate reputable U.S. companies:

1. Building Legitimate Profiles: Creating believable LinkedIn profiles, maintaining GitHub repositories, and establishing fake companies as references.
2. Overwhelming Job Requests: Bombarding companies with applications to bypass standard hiring diligence.
3. Circumventing Verification Processes: Initially using AI-driven avatars for virtual interviews until companies tightened their verification methods, leading scammers to employ genuinely skilled tech workers to pass interviews.

Quote: “They build this sort of simulation of a legitimate, usually a tech worker profile...” (07:15)

Objectives of the Scammers

North Korean operatives engage in these scams primarily for three reasons:

1. Financial Gain: Generating hundreds of millions of dollars annually to fund the heavily sanctioned regime, including military programs.
2. Data Exfiltration: Stealing corporate secrets, source code, and sensitive information to sell or use for extortion.
3. Espionage: Targeting aerospace and other sensitive industries to gather intelligence and technological advancements.

Bob McMillan summarizes, “First and foremost, they want money... they want more money... and the FBI suspects that they are also conducting espionage.” (08:31)

Scale and Impact

The FBI estimates thousands of such remote workers are involved in these scams, affecting a wide range of industries. Initially prevalent in the cryptocurrency sector, the reach of these scams has expanded significantly, posing a threat to any organization relying on remote employees.

Quote: “It feels like anybody who is hiring a remote worker has to worry about this.” (09:38)

Corporate Response and Mitigation

Companies are grappling with how to address this pervasive issue. Despite awareness among top executives—such as Amazon's Chief Security Officer—solutions remain limited. The suggestion to mitigate risks includes requiring employees to work on-site five days a week, thereby reducing reliance on remote work that facilitates such scams.

Victoria Craig highlights the ongoing debate: “Since the story published, there's been a lot of debate over this.” (10:02)

The Downfall of Christina Chapman

Christina Chapman's involvement in the scam led to severe personal consequences:

• Legal Repercussions: In October 2023, the FBI raided her home. Chapman pled guilty and faced potential sentencing of over nine years in prison.
• Financial Ruin: Despite initially improving her financial situation, Chapman ended up homeless after her involvement was exposed. Attempts to recover through GoFundMe, selling products on Amazon, and even gig work like DoorDash yielded minimal income.

Quote: “She struck a plea deal...she could be facing just a little bit more than nine years in prison for this.” (10:27)
Further Impact: “She struggled when this gig went away, and she eventually lost her home.” (10:57)

Conclusion

The episode underscores a critical vulnerability in the remote work ecosystem, where the flexibility and reach of digital employment can be exploited by international actors like North Korea. As remote work continues to be a staple in modern employment, the need for robust verification and security measures becomes increasingly paramount to prevent such sophisticated scams.

Produced by: Julie Chang
Theme Music: Jessica Fenton and Michael Lavalle
Supervising Producer: Melanie Roy
Development Producer: Aisha Al Muslim
Deputy Editors: Scott Salloway and Chris Sinsley
Head of News Audio: Falana Patterson

Note: Advertisements and non-content sections have been excluded to focus solely on the episode's core discussions and insights.