2020年刚完成程式训练营后，亚利桑那州的Christina Chapman在LinkedIn上受邀成为一家替美国公司「配对海外工程师」的软体公司的「门面」。随后多台笔电寄到她家，她的工作只是开机、设定、再放著不动；她后来表示并不知道雇主其实与北韩政府有关。

美国司法部指出，这套计划把北韩IT人员以窃取的美国身分取得美国公司的远端工作，薪资再回流平壤，金额达「数百万美元」，并被美方认为有助于资助北韩武器计划。受访的北韩IT人员描述，若未达配额，将面临虐待、处罚，甚至死亡威胁。

案件线索来自一家美国公司：新员工把Chapman住址填为地址引发怀疑；FBI与国税局据此搜证，最终上门逮捕。Chapman认罪后于7月被判刑102个月，约8年；美国检察官Jeanine Pirro表示刑度反映罪行严重，并称她已「跨越重大界线」。

After finishing a coding boot camp in 2020, Arizona resident Christina Chapman was recruited via LinkedIn to be the public “face” of a firm that matched overseas engineers with US companies. Laptops then arrived at her home, and her task was to power them on, set them up, and leave them running for remote access.

US authorities say the operation used stolen American identities to place North Korean IT workers into remote jobs at US firms and funnel “millions of dollars” back to Pyongyang, money the US government says helped finance North Korea’s weapons program. A North Korean worker described intense quota pressure, abuse and punishment, and even threats of death for failing to perform.

Investigators were tipped off when a US company grew suspicious after a new employee listed Chapman’s home address; the FBI and IRS built a case and eventually arrested her. Chapman pleaded guilty and was sentenced in July to 102 months in federal prison (about eight years), with US Attorney Jeanine Pirro calling the term proportionate to the crime’s seriousness.