Chapman also helped the foreign fraudsters steal the identities of more than 70 US nationals, then use those identities to apply for remote IT jobs, according to the Feds.
Those who successfully obtained employment as part of the scam then received payroll checks at Chapman's home with direct deposits sent to her US bank accounts before ultimately being laundered and funneled to North Korea…
So, bit more involved than just running a VPN/proxy service.
ty6853 18 hours ago [-]
There was probably an army of NK workers to do the lifting. By design an American would have had responsibilities limited to signing the right dotted lines and being a pretty white face at the bank.
0cf8612b2e1e 18 hours ago [-]
Sure, but you lose the ability to claim ignorance about the farm’s activities when you are receiving other people’s pay checks.
readthenotes1 17 hours ago [-]
[flagged]
danielheath 12 hours ago [-]
It's not racist to point out that a white person in the US is far less likely to attract scrutiny from law enforcement, and that's a useful - even qualifying - trait for certain roles in a criminal enterprise.
obitsten 15 hours ago [-]
[dead]
jollyllama 16 hours ago [-]
ADP could probably find a lot of these pretty quickly.
bwoj 12 hours ago [-]
Sure, but why would they? They’re profiting too.
brendang_sd 16 hours ago [-]
[dead]
csdx 15 hours ago [-]
Apparently the best way to filter out fake NK workers in interviews, one can just ask: “How fat is Kim Jong Un?” [1]. I am not sure how true it is, but I found it amusing anyway.
Also I just realised this is my second HN comment, last one was 11 years ago exactly today. 1/365 chance I guess. Not bad.
I’d say I’m also probably quite likely to instantly leave an interview call if I’m asked this, it’s a pretty unhinged question to be asked out of nowhere, not sure how high their false positives are with that one
bozhark 15 hours ago [-]
NK spy found. Sorry, DPRK Agent
bozhark 15 hours ago [-]
See you for round 2 in 2036
arccy 19 hours ago [-]
I wonder if the laptops are organic, free range laptops
bArray 19 hours ago [-]
The laptops get a minimum of 30 minutes of fresh air a day via HVAC and they're fed on green energy (courtesy of the neighbour). Occasionally the laptops play up and get overheated, in which case they are taken out and isolated until their behaviour is corrected.
Bluestein 18 hours ago [-]
Beatings would, then, continue until behaviour improved ... :)
devonbleak 19 hours ago [-]
Farm to table laptops
gosub100 18 hours ago [-]
Cattle, not pets
kgwxd 18 hours ago [-]
Gateway 2000s, not Commodores
2000UltraDeluxe 5 hours ago [-]
Still waiting for my Amiga MMC >:(
JadeNB 17 hours ago [-]
I hope that's a reference to the old Gateway cow-patterned logo.
userbinator 17 hours ago [-]
...which I believe is itself a reference to (farmer in the) Dell.
bitwize 15 hours ago [-]
It's because Gateway (as Gateway 2000) was originally based in Iowa and founded by a guy who came from a cattle farming family.
JadeNB 12 hours ago [-]
> ...which I believe is itself a reference to (farmer in the) Dell.
That would be very funny, but it would explain why Dell might use that logo, not why Gateway might, right?
15 hours ago [-]
18 hours ago [-]
belter 18 hours ago [-]
They run the Todelo Family OS so ICE will be on the case...
autoexec 17 hours ago [-]
A VPN or a botnet would have accomplished the same thing as the laptops. The real problem was that she opened bank accounts, had the scammers direct deposit their checks there and then tried to launder the money and get it back to North Korea
JohnMakin 16 hours ago [-]
> A VPN or a botnet would have accomplished the same thing as the laptops.
Erm, no. Company is going to ship you a laptop and you are a NK spy. Where do they send it?
carterschonwald 17 hours ago [-]
Has anyone else seen the term “Norks” before? The intended meaning is clear when it’s used midway in the article but I’ve never seen it ever before.
decimalenough 16 hours ago [-]
It's an old US military/intelligence term.
And it's somewhat amusing in Australia, where "norks" is slang for "tits".
gerdesj 15 hours ago [-]
Norks has at least two meanings in en_GB. North Koreans and (generally) female breasts. The first has a pretty obvious derivation and the second is anyone's guess.
Surely no-one would conflate norks with norks. Please, no riffing on the sheer size of the Dear Leader's ... errm ... norks.
Now, how about "nack", "nark", "nick", "nock", "neck", "nerk" and "nuck"? I know they are all valid en_GB words, except nuck but I'll bet it is in use somewhere. Slap a k on the front for more fulsome larkery.
Hopefully that has cleared that up.
(edit: add some more n..k words and a note about a leading k)
Wingman4l7 15 hours ago [-]
First place I ever heard it was in the FPS game Homefront, where you're part of a "resistance movement fighting in the near-future against the military occupation of the Western United States by a reunified Korea".
bsimpson 17 hours ago [-]
The Register has a reputation for being playful with language.
floren 17 hours ago [-]
El Reg uses it pretty consistently.
burnte 17 hours ago [-]
Took me a moment to figure it out too.
sigtrap 19 hours ago [-]
So I guess it isn’t that hard to get a completely remote no-facetime job after all?!
mxuribe 16 hours ago [-]
I read somewhere quite recently (sorry, don't have ref. right now) that its a bit of a large team effort (several to many engineers working together) to ensure getting the job, and then a continued team effort (again several to many engineers) to ensure continued high performance at said job...in order to be able to persist the operations. Quite clever as i understand, though brutal for participants i also imagine.
londons_explore 13 hours ago [-]
Merely bypassing the companies protections will be quite a lot of work.
The new Microsoft authenticator app checks if the phone is rooted and checks for valid GPS and VPN connections before it'll allow access for example.
theandrewbailey 2 hours ago [-]
I guess I'll have to ask for a phone along with a laptop from any potential employer that requires this app. (I wonder if MS Authenticator would even run on my de-Googled Android.) I'd much prefer to keep work equipment separate from personal equipment anyways.
0cf8612b2e1e 13 hours ago [-]
Wait, so if GPS is disabled, I cannot use their authentication app? How dare I presume to pretend to have any privacy.
stackskipton 13 hours ago [-]
Depends on the setting of the company in question. By default, it's not required.
IshKebab 18 hours ago [-]
Presumably not if you're willing to work for North Korean salaries.
throw7 17 hours ago [-]
What is "The Norks"? (apparently it can mean "tits", but I'm pretty sure that's not what it means here)
some_random 16 hours ago [-]
Colloquial term for North Koreans, similar to Chicoms (Chinese Communists). I'm not what the modern connotation is, in my mind it's a little suspect but not really offensive compared to the typical race based terms used in other conflicts.
mmh0000 17 hours ago [-]
Derogatory slang for North Koreans[1]
Though not commonly used; though it does pop-up from time-to-time[2]
Why, that sounds suspiciously like a nascent slur. And - as my Aussie comrades will confirm - a dreadful slang collision.
Ylpertnodi 26 minutes ago [-]
'Norks', has been around a while. Especially in Ukraine, where "Orc's", has been used to refer to russian invaders. Sticking an 'N' on the front just makes sense, especially in military environments.
Tits, though, have been around forever, and an aussie quirk-of-the-language shouldn't dictate international communication.
Let's just hope the Bazongan's don't get too yippy.
metalman 3 hours ago [-]
This is just the best indication that we are living in a whole new way of bieng.
All the pieces from a dark, cyberpunk book, except reality has it in some womans house,details missing, but likely in a spare bedroom, in ? suburban Arizona.
What I find unacceptable is that, Christina Marie Chapman, cyber criminal extrodinare, was not offered a plea deal to drag the NK actors further into the open, 17mill bieng inconsequential in the scale of the games afoot, and that there is an unseemly rush to get her out of the picture.
All in all a sureal and adsurd happening that deserves a closer look, just to make it clear, that this describes and defines our world and we better take note.
What was her motivation? Financial problems or just greed?
thinkingemote 2 hours ago [-]
She basically set up her own company and invoiced the "clients" for her services. To me, it appears that the clients over time pushed the envelope of illegality, that initially her company was innocent web design or something and she got sucked into doing things she very much knew were federal crimes.
cko 19 hours ago [-]
> Christina Marie Chapman pleaded guilty to conspiracy to commit wire fraud, aggravated identity theft, and conspiracy to launder monetary instruments in a US District Court on Tuesday.
Why not treason? Any lawyers know?
dragonwriter 19 hours ago [-]
> Why not treason?
The same reason almost no one is ever charged with treason, given the plethora of other criminal charges available to anything that might remotely be similar to treason: Article III, Section 3 of the US Constitution: “Treason against the United States, shall consist only in levying War against them, or in adhering to their Enemies, giving them Aid and Comfort. No Person shall be convicted of Treason unless on the Testimony of two Witnesses to the same overt Act, or on Confession in open Court.”
Even where the first part (in which, it should be noted, the terms involved are interpreted very narrowly) is not problematic, the “two witnesses" rule, which is applied independently to each fact necessary to sustain the conviction, is usually quite difficult to overcome, so its usually vastly easier to get a conviction for something else.
tcdent 18 hours ago [-]
It's rare that I come across a story about some questionable ethics in black hat tech and don't have some sympathy for the perpetrator.
But this is not that. This is blatant treason.
toast0 17 hours ago [-]
It's not levying war against the United States. I don't know what the legal definition of Enemies is, but I would imagine it would involve a declaration of war.
The Korean war was never formally resolved, but the US hasn't declared war since WWII.
There's also no indication of adherence here.
Doing things that benefit a country and a leader that your government officically doesn't care for can be all shades of prohibited and illegal, but it's not treason.
jcranmer 15 hours ago [-]
No one has been convicted of treason since WWII. One person has been charged with treason, but they were remote-murdered by the US government before they were tried, and it's not at all clear that a conviction would have withstood appeal. Note that Congress did expressly pass a resolution in the Global War on Terror that can be construed as declaring war on terrorists; if anything short of outright declaration of war qualifies as a foreign entity as an "enemy" for the purposes of the treason declaration, that is it.
mtVessel 17 hours ago [-]
| I don't know what the legal definition of Enemies is, but I would imagine it would involve a declaration of war.
These days, some vague tattoos will do it.
ceejayoz 18 hours ago [-]
It's run-of-the-mill organized crime that happens to benefit a shitty regime.
Eh, if your president and his stinky regime does it...
Brandeis wrote about how a lawbreaking government breeds contempt for the law and invites every man to be a lawbreaker by in 1928, but since then women have gained more rights: https://www.azquotes.com/quote/1062178
ceejayoz 19 hours ago [-]
The Constitution defines treason very narrowly - the only crime to be specifically defined in it:
> Treason against the United States, shall consist only in levying War against them, or in adhering to their Enemies, giving them Aid and Comfort.
The last time we convicted someone for it was in 1949.
abeppu 19 hours ago [-]
... is helping them get $17M not "giving Aid and Comfort"?
ceejayoz 19 hours ago [-]
We are not presently at war with North Korea.
eschaton 19 hours ago [-]
Actually the Korean War hasn’t ended yet.
ceejayoz 19 hours ago [-]
The US never declared war on North Korea in the first place, and there are no active hostilities between the two.
> The terms used in the definition derive from English legal tradition, specifically the Treason Act 1351. Levying war means the assembly of armed people to overthrow the government or to resist its laws. Enemies are subjects of a foreign government that is in open hostility with the United States.
paradox242 2 hours ago [-]
The Korean War was famously the first of many "police actions" the U.S. would become involved in after WW2, saving Congress the trouble having to turn up to authorize an actual war declaration.
cosmicgadget 18 hours ago [-]
Nor Venezuela, and yet the Alien Enemies Act has been invoked.
You are right, of course, but it's not relevant to policy decisions.
ceejayoz 18 hours ago [-]
I'd note that a Trump appointed judge just made that point about the AEA.
> He also found that the “plain ordinary meaning” of the act’s language, like “invasion” and “predatory incursion,” referred to an attack by “military forces” and did not line up with Mr. Trump’s claims about the activities of Tren de Aragua, a Venezuelan street gang, in a proclamation invoking the Alien Enemies Act.
15 hours ago [-]
mikeocool 19 hours ago [-]
Not a lawyer, but treason charges in the US are pretty rare -- there's been one person charged with Treason since 1954. Even the Rosenbergs weren't charged with Treason.
rdtsc 19 hours ago [-]
Too high of a bar. She would have to have an intent specifically to betray and hurt the US and act on it. Just acting or just having an intent is not enough.
cosmicgadget 18 hours ago [-]
These are financial crimes against Americans. They're not attacks on the country's security unless you take very broad view of security.
burnte 17 hours ago [-]
Because money laundering and trade with a banned nation isn't the same as attempting to overthrow the government.
19 hours ago [-]
RainyDayTmrw 7 hours ago [-]
OK. This was a pretty blatant case, especially the banking under false identities. Where do we draw the line, though? If you hire a freelancer online in good faith, and it turns out they're from a sanctioned place, how much are you liable, and how much should you be liable?
ChrisArchitect 18 hours ago [-]
News from February? C'mon OP.
Also mostly a 2024 story.
Related / connected Nashville case from last year:
US dismantles laptop farm used by undercover North Korean IT workers
Hey, not everything can be farm to table. Sometimes stuff has to get rerouted a few times.
rdtsc 18 hours ago [-]
> Fortune 500 companies, including a top-five television network, a premier Silicon Valley technology company, an aerospace and defense manufacturer, an American car manufacturer, a luxury retail chain, and a US-hallmark media and entertainment company.
> JOHN DOE 1, alias 한지호 Jiho HAN (HAN), was an individual residing overseas
who opened accounts with a foreign money service transmitter (“MST”) that conducts U.S. dollar
transactions through a branch in New York (hereinafter “MST-1”). HAN would then forward the funds to an individual in the People’s Republic of China (“China”). HAN also received funds from CHAPMAN for an overseas IT worker that CHAPMAN first deposited into one of her U.S. financial accounts.
> JOHN DOE 2, alias 浩然 徐 Haoran XU (XU), was an individual residing overseas who registered for financial accounts with U.S. MSTs. XU provided his name, date of birth, and a Chinese National ID to U.S. MSTs to register for these accounts.
> JOHN DOE 3, alias 春姬 金 Chunji JIN (JIN), was an individual residing overseas who registered for financial accounts with U.S. MSTs. JIN provided her name, date of birth, and a Chinese National ID to U.S. MSTs to register for these accounts
Aha so it's not just NK, China is involved as well. I would guess the Chinese govt is quite happy to look the other way here.
> On or about November 15, 2022, CHAPMAN messaged with an overseas IT worker using the screenname “Alexander The Great” (“AT”), wherein AT asked 21 CHAPMAN for assistance creating a background story for a stolen U.S. person identity, “Daniel B.” AT noted that the real Daniel B. had a criminal record and employers were asking for more information as to what offenses were committed. CHAPMAN provided a cover story and asked “What information do you know about Daniel B[.]?? Do you know his race?” AT responded that the real Daniel B. was “a black man” but that he (AT) was Asian. AT then gave CHAPMAN his “real full name,” which was a Chinese name
"Alexander the Great" - one can image a poor child, wanted to be a history major, but through an ugly twist of fate, they ended up as a hacker stealing identities and having to solve leet code puzzles with ChatGPT /s
mynameisjeb 17 hours ago [-]
[dead]
johnea 16 hours ago [-]
I have a serious issue with this idea that anyone trying to remote s/w engineer from North Korea is automatically a terrorist.
Maybe some of them are just trying to make a living?
Maybe a lot of them are economically disadvantageous because, like with Cuba, the US has been f_cking with them non-stop for the last 75 years?
Maybe instead of assuming that every person inside a geographic area agrees to all the exact same things, we should normalize relations with North Korea?
The Cold War, like all other wars, is an idiot's errand, which has contributed to the entrenched hostilities that continue to dominate international relations.
Maybe world leaders should try "adulting"?
Since pretending to be a grown-up seems to be as close as anyone gets anymore...
suid 16 hours ago [-]
> I have a serious issue with this idea that anyone trying to remote s/w engineer from North Korea is automatically a terrorist.
> Maybe some of them are just trying to make a living?I have a serious issue with this idea that anyone trying to remote s/w engineer from North Korea is automatically a terrorist.
> Maybe some of them are just trying to make a living?
No one in North Korea get to "just make a living" communicating with and working for foreign entities. This is a country that is so paranoid that every visitor to the country is required to stay with an official escort who will vet any contact you have with locals.
The only way that someone gets to communicate with a foreign entity is if they are employed, or closely managed, by the North Korean authorities.
ty6853 15 hours ago [-]
Maybe I'm the only one here but I don't see anything whatsoever wrong with employing literal genocidal terrorists in honest non-genocidal activity.
Not that I support what this lady did, which was fraud and identity theft.
notahacker 15 hours ago [-]
I'm not sure that agents of the North Korean government deemed loyal enough to get external internet access are looking for jobs at defense firms and devs in order to be good, honest employees that definitely wouldn't clone any technology or backdoor anything...
ty6853 15 hours ago [-]
Sure but if it were legal I would be fine with hiring them to like, pave my driveway or something.
johnea 15 hours ago [-]
Thanks for your support of getting people out of genocidal roles...
15 hours ago [-]
IncreasePosts 16 hours ago [-]
How are these poor people even getting internet? North Koreans can't just hop on the web.
Maybe if they live near the border with China they can use antennas to get onto someone Chinese persons wifi network?
netsharc 16 hours ago [-]
Indeed, it would be very implausible that a civilian North Korean would be able to accomplish all of: having the hardware, be able to get on a Chinese WiFi, and then have the education to be able to apply to IT jobs...
throwaway48476 16 hours ago [-]
They have offices with attached dormitories in China that they work out of.
Also I just realised this is my second HN comment, last one was 11 years ago exactly today. 1/365 chance I guess. Not bad.
[1] https://www.theregister.com/2025/04/29/north_korea_worker_in...
That would be very funny, but it would explain why Dell might use that logo, not why Gateway might, right?
Erm, no. Company is going to ship you a laptop and you are a NK spy. Where do they send it?
And it's somewhat amusing in Australia, where "norks" is slang for "tits".
Surely no-one would conflate norks with norks. Please, no riffing on the sheer size of the Dear Leader's ... errm ... norks.
Now, how about "nack", "nark", "nick", "nock", "neck", "nerk" and "nuck"? I know they are all valid en_GB words, except nuck but I'll bet it is in use somewhere. Slap a k on the front for more fulsome larkery.
Hopefully that has cleared that up.
(edit: add some more n..k words and a note about a leading k)
The new Microsoft authenticator app checks if the phone is rooted and checks for valid GPS and VPN connections before it'll allow access for example.
Though not commonly used; though it does pop-up from time-to-time[2]
[1] https://www.urbandictionary.com/define.php?term=Norks
[2] https://www.nationalreview.com/the-feed/korean-war-ii-watch-...
Why, that sounds suspiciously like a nascent slur. And - as my Aussie comrades will confirm - a dreadful slang collision.
Why not treason? Any lawyers know?
The same reason almost no one is ever charged with treason, given the plethora of other criminal charges available to anything that might remotely be similar to treason: Article III, Section 3 of the US Constitution: “Treason against the United States, shall consist only in levying War against them, or in adhering to their Enemies, giving them Aid and Comfort. No Person shall be convicted of Treason unless on the Testimony of two Witnesses to the same overt Act, or on Confession in open Court.”
Even where the first part (in which, it should be noted, the terms involved are interpreted very narrowly) is not problematic, the “two witnesses" rule, which is applied independently to each fact necessary to sustain the conviction, is usually quite difficult to overcome, so its usually vastly easier to get a conviction for something else.
But this is not that. This is blatant treason.
The Korean war was never formally resolved, but the US hasn't declared war since WWII.
There's also no indication of adherence here.
Doing things that benefit a country and a leader that your government officically doesn't care for can be all shades of prohibited and illegal, but it's not treason.
These days, some vague tattoos will do it.
We didn't even charge Soviet spies with treason. https://en.wikipedia.org/wiki/Robert_Hanssen
Brandeis wrote about how a lawbreaking government breeds contempt for the law and invites every man to be a lawbreaker by in 1928, but since then women have gained more rights: https://www.azquotes.com/quote/1062178
> Treason against the United States, shall consist only in levying War against them, or in adhering to their Enemies, giving them Aid and Comfort.
The last time we convicted someone for it was in 1949.
https://en.wikipedia.org/wiki/Treason_laws_in_the_United_Sta...
> The terms used in the definition derive from English legal tradition, specifically the Treason Act 1351. Levying war means the assembly of armed people to overthrow the government or to resist its laws. Enemies are subjects of a foreign government that is in open hostility with the United States.
You are right, of course, but it's not relevant to policy decisions.
https://www.nytimes.com/2025/05/01/us/texas-judge-trump-alie...
> He also found that the “plain ordinary meaning” of the act’s language, like “invasion” and “predatory incursion,” referred to an attack by “military forces” and did not line up with Mr. Trump’s claims about the activities of Tren de Aragua, a Venezuelan street gang, in a proclamation invoking the Alien Enemies Act.
Also mostly a 2024 story.
Related / connected Nashville case from last year:
US dismantles laptop farm used by undercover North Korean IT workers
https://news.ycombinator.com/item?id=41356483
Also:
We found North Korean engineers in our application pile
https://news.ycombinator.com/item?id=41353079
Wonder what those companies are, any guesses?
https://www.justice.gov/archives/usao-dc/media/1352191/dl
> JOHN DOE 1, alias 한지호 Jiho HAN (HAN), was an individual residing overseas who opened accounts with a foreign money service transmitter (“MST”) that conducts U.S. dollar transactions through a branch in New York (hereinafter “MST-1”). HAN would then forward the funds to an individual in the People’s Republic of China (“China”). HAN also received funds from CHAPMAN for an overseas IT worker that CHAPMAN first deposited into one of her U.S. financial accounts.
> JOHN DOE 2, alias 浩然 徐 Haoran XU (XU), was an individual residing overseas who registered for financial accounts with U.S. MSTs. XU provided his name, date of birth, and a Chinese National ID to U.S. MSTs to register for these accounts.
> JOHN DOE 3, alias 春姬 金 Chunji JIN (JIN), was an individual residing overseas who registered for financial accounts with U.S. MSTs. JIN provided her name, date of birth, and a Chinese National ID to U.S. MSTs to register for these accounts
Aha so it's not just NK, China is involved as well. I would guess the Chinese govt is quite happy to look the other way here.
> On or about November 15, 2022, CHAPMAN messaged with an overseas IT worker using the screenname “Alexander The Great” (“AT”), wherein AT asked 21 CHAPMAN for assistance creating a background story for a stolen U.S. person identity, “Daniel B.” AT noted that the real Daniel B. had a criminal record and employers were asking for more information as to what offenses were committed. CHAPMAN provided a cover story and asked “What information do you know about Daniel B[.]?? Do you know his race?” AT responded that the real Daniel B. was “a black man” but that he (AT) was Asian. AT then gave CHAPMAN his “real full name,” which was a Chinese name
"Alexander the Great" - one can image a poor child, wanted to be a history major, but through an ugly twist of fate, they ended up as a hacker stealing identities and having to solve leet code puzzles with ChatGPT /s
Maybe some of them are just trying to make a living?
Maybe a lot of them are economically disadvantageous because, like with Cuba, the US has been f_cking with them non-stop for the last 75 years?
Maybe instead of assuming that every person inside a geographic area agrees to all the exact same things, we should normalize relations with North Korea?
The Cold War, like all other wars, is an idiot's errand, which has contributed to the entrenched hostilities that continue to dominate international relations.
Maybe world leaders should try "adulting"?
Since pretending to be a grown-up seems to be as close as anyone gets anymore...
No one in North Korea get to "just make a living" communicating with and working for foreign entities. This is a country that is so paranoid that every visitor to the country is required to stay with an official escort who will vet any contact you have with locals.
The only way that someone gets to communicate with a foreign entity is if they are employed, or closely managed, by the North Korean authorities.
Not that I support what this lady did, which was fraud and identity theft.
Maybe if they live near the border with China they can use antennas to get onto someone Chinese persons wifi network?