North Korean hackers are infiltrating cryptocurrency job postings, according to a report in a trade publication. DL News.
According to an article published on Monday, “Evidence suggests that many of these fake applicants are likely North Korean nationals attempting to infiltrate crypto projects for illicit purposes, including collecting sensitive data, hacking, and stealing assets.”
The problem is not limited to the cryptocurrency industry. According to the UN Security Council, more than 4,000 North Koreans have been employed by Western technology companies. According to the UN, these “fake employment schemes” are generating more than $600 million for the hermit kingdom.
However, recent evidence suggests that one way North Korea targets cryptocurrency companies is by deploying units inside. Taylor Monahan, a security expert and MetaMask developer, has written extensively about how hackers use “social engineering” to infiltrate companies or gain access to sensitive information.
Monahan wrote a long-winded way about this in a recent thread about X:
- “Contact staff via social/messaging apps”
- “Direct me to Github for job offers, “tech tests” or bug fixes”
- “Rekt Personal Device”
- “Enter the company’s AWS”
- “Rekt Company (and Users)”
Monahan cited two instances of conversations she shared with unnamed company employees who were allegedly contacted by North Korean hackers. The infiltrators appeared to follow a script to get unsuspecting developers to download malware.
Likewise, DL New’s research found that hackers follow a script when applying for jobs, often copying real people’s resumes or LinkedIn profiles. The problem is compounded when you consider that pseudonyms are accepted in the crypto community.
According to DeFiLlama, exploits remain a major problem across the industry, with investors losing at least $664 million in the first half of 2024 alone. North Korean actors are particularly prolific, and are known to be behind some of the largest cryptocurrency hacks to date. Ronin Bridge, DMM Bitcoin Cryptocurrency Exchange and Estonia-based Atomic Wallet.
The UN estimates that North Korean hackers have so far stolen $3 billion worth of cryptocurrency.
Disclaimer: The Block is an independent media outlet providing news, research and data. As of November 2023, Foresight Ventures is the largest investor in The Block. Foresight Ventures invests in other companies in the cryptocurrency space. Cryptocurrency exchange Bitget is an anchor LP of Foresight Ventures. The Block continues to operate independently to provide objective, impactful and timely information on the cryptocurrency industry. Below are the current financial disclosures.
© 2023 The Block. All rights reserved. This article is provided for informational purposes only. It is not provided or intended to be legal, tax, investment, financial or other advice.