Victoria Craig (3:20)

Tell us about Christina Chapman, because she was one of the people in America who participated in this scheme.

Bob McMillan (3:26)

Christina Chapman's case was interesting because you had the court record that sort of had all these allegations of what she was doing. And then she left a very long TikTok trail of just all kinds of political tiktoks, personal tiktoks, tiktoks about Japanese boy bands. But embedded in that were a few comments on her work and her situation in life.

Mark (3:49)

And I did not make my own breakfast this morning. My clients are going crazy. So I just got a smoothie bowl. It's an acai smoothie bowl and it has bananas, strawberries.

Bob McMillan (4:00)

But coincidentally in the background you can see I counted at least 10 laptops there. They've got like post it notes on them that apparently say, like the name of the worker and the company they're supposed to be working for. And you hear them just whirring away in her apartment.

Victoria Craig (4:15)

And what made Chapman a target for this kind of scam?

Bob McMillan (4:18)

Her story is probably in many ways very typical of these people. They are gig workers who reach a point in their life where they're desperate. And that's what happened with Christina Chapman. She was basically living in a trailer in Minnesota. She didn't have any heat. She was showering at her local gym. She really was at a dead end in her life. And this offer came in through LinkedIn saying, hey, do you want to be our US representative? It became clear pretty quickly that some of the stuff she was doing was illegal. It's at least fraudulent. Right. But she was desperate and it really did turn her life around. I mean, she ended up having a much better quality of life as a result of this job. The problem is it's completely illegal.

Victoria Craig (4:57)

So the question about whether these people who are acting on behalf essentially of the North Koreans, whether they know what they're doing, is illegal. Christina Chapman may not have known the nationality of the people she was working with, but you write that she did acknowledge that she could, quote, go to Federal prison for falsifying federal documents.

Bob McMillan (5:17)

Yeah, it's pretty hard to do this gig without realizing you're doing something illegal, right? Because quite often you have to like forge signatures. You have to facilitate the presentation of fake credentials. But if you look at the court record, she's basically saying, hey, what you're asking me to do is illegal all the time. And the thing is that if you do fraud, that's one thing. But if you do fraud in support of the North Koreans, that's way worse.

Victoria Craig (5:44)

Coming up, a look at the corporate side of this scheme, who the scammers are targeting and what they want. After the break.

Reba (5:57)

Isn't home where we all want to be? Reba here for realtor.com, the Pro's number one most trusted app. Finding a home is like dating. You're searching for the 1 with over 500,000 new listings every month. You can find the one Today, download the realtor.com app, cause you're nearly home. Make it real with realtor.com Pro's number.

N/A (6:19)

One most trusted app. Based on August 2024 proprietary survey. Over 500,000 new listings every month based on average new for sale and rental listings. February 2024 through January 2025.

Victoria Craig (6:33)

To make a laptop farming scam, successful tech specialists usually trained in North Korea's technical education programs, need a backdoor into corporate America. We're back with WSJ reporter Bob McMillan who's been reporting on this. Bob, you write that Christina Chapman, the so called laptop farmer who we heard about earlier, helped North Koreans who got jobs at big companies like at a top five national television network here, a premier Silicon Valley tech company, an aerospace and defense manufacturer, and the list goes on. How exactly does this process work? How do they effectively trick the companies into hiring people who are really based in North Korea, China or even Russia?

Bob McMillan (7:15)

As you report, they basically operate a complete shadow economy. They have LinkedIn profiles, they have GitHub repositories where they store source code. They even have fake companies that they can use as references. So they build this sort of simulation of a legitimate, usually a tech worker profile. And then they just are so good at bombarding people with job requests. Companies have different levels of diligence they do around making sure the people they're hiring for remote work are real. A lot of them require that you come in, but some don't. And so with the people who can just straight up be hired by a staffing agency, for example, and never even have to show up, that's kind of an easy one. For them. But even if a company requires, like a face to face meeting, the North Koreans have a way around that. For a while, they were doing virtual face to face meetings with AI driven avatars. So they're these, like, fake faces that they would show up on zoom meetings. And when people started figuring out how to get around that, like, if you ask the AI avatar to wave their hand in front of them, then the software doesn't work, and so you can tell it's a fake person. So they got around that, though. They started hiring people who legitimately had tech skills to pass these interviews.

Victoria Craig (8:27)

And what do the North Koreans ultimately want from these workers?

Bob McMillan (8:31)

There are three things they want. First and foremost, they want money. Their regime is sanctioned. They have a hard time trading with anyone in the west, and they need cash. They need cash for their weapons program, for example. And the FBI estimates that they are making hundreds of millions of dollars a year just from paychecks from companies hiring these North Koreans, who by all accounts, some are terrible workers, and some are, like, not bad. Some last months or even years at these companies. And so they found sort of a hack of our remote work situation right now. So that's the first thing they want is money. The second thing, they want more money. So quite often they'll exfiltrate data. They'll steal your corporate secrets, your source code, custom information, and then they will threaten to dump it if you once you fire them. And so they'll extort you. So that's number two. And then the third case is murky, but the FBI suspects that they are also conducting espionage. So they've hit aerospace companies. There are certain types of companies that might have secrets that the North Korean regime would be interested in. So those are the three things they're doing.

Victoria Craig (9:36)

And how widespread is this?

Bob McMillan (9:38)

The FBI thinks there are thousands of these workers out there. And what's fascinating to me is I heard about this scam a couple of years ago. And where it started was in the cryptocurrency world, like, the crypto companies were getting hit with these fake workers all the time. And I didn't realize until I wrote this story how incredibly widespread it is. It feels like anybody who is hiring a remote worker has to worry about this.

Victoria Craig (10:02)

And is there anything the companies can do once they find out that this has happened to them?

Bob McMillan (10:07)

Since the story published, there's been a lot of debate over this. I actually asked Amazon's CSO about this problem, and he was aware of it. And I said, what can you do about it? And he said, well, you could have your employees come in five days a week.

Victoria Craig (10:21)

So just close the loop on Christina for us. What ended up happening to her once she was found out?

Bob McMillan (10:27)

Essentially, the FBI raided her house in October of 2023. She was charged the next year, and she struck a plea deal. So she's pled guilty and she's due to be sentenced on July 16. According to the terms of her plea deal, she could be facing just a little bit more than nine years in prison for this.

Victoria Craig (10:49)

Wow. Wow. But her financial situation didn't turn out any better. She essentially wound up almost back where she was before. Isn't that right?

Bob McMillan (10:57)

It was worse, really. I mean, she's living in a homeless shelter now. She attempted to do a variety of things after the raid. The North Koreans didn't pay her for her final month of services. And she tried to do a GoFundMe. She tried to sell coloring books on Amazon. She did doordash one night and made $7.25 doing it. She struggled when this gig went away, and she eventually lost her home. And she's. Yeah, living in a homeless shelter now.

Victoria Craig (11:27)

That was WSJ reporter Bob McMillan there. And that's it for Tech News Briefing. Today's show produced by Julie Chang. I'm your host, Victoria Craig. Jessica Fenton and Michael Lavalle wrote our theme music. Our supervising producer is Melanie Roy. Our development producer is Aisha Al Muslim. Scott Salloway and Chris Sinsley are the deputy editors. And Falana Patterson is the Wall Street Journal's head of news audio. We'll be back this afternoon with TNV Tech Minute. Thanks for listening.

Reba (11:58)

Isn't home where we all want to be? Reba here for realtor.com the Pro's number one most trusted app. Finding a home is like dating. You're searching for the 1 with over 500,000 new listings every month. You can find the one today. Download the realtor.com app cause you're nearly home. Make it real with realtor.com Pro's number.

N/A (12:21)

One most trusted app based on August 2024 proprietary survey. Over 500,000 new listings every month based on average new for sale and rental listings February 2024 through January 2025.