Changpeng Zhao, the co-founder of Binance, has cautioned that hackers from North Korea are becoming more sophisticated in their attacks on cryptocurrency firms. He recently shared on X (formerly Twitter) that these hackers are using increasingly advanced techniques.
“They exploit trust, creativity, and patience to breach platforms and steal user funds.”
In 2024, hackers believed to be from North Korea stole approximately $1.34 billion in cryptocurrency. Both the United States and the United Nations have stated that this stolen money is funding North Korea’s weapons development.
North Korean hackers are highly skilled, resourceful, and persistent. They use clever tactics to gain access to organizations, such as pretending to be job applicants – particularly in roles like development, security, and finance – to get their foot in the door. They also sometimes pretend to be employers themselves.
— CZ BNB (@cz_binance) September 18, 2025
Job Applications as a Trojan Horse in Crypto Security Breaches
One of the most common tactics involves posing as job candidates. CZ wrote:
Hackers frequently seek jobs as developers, in finance, or in security roles. Once they’re hired, they gain internal access, which gives them a lasting opportunity to launch attacks later on.
This approach lets them infiltrate companies and secretly set the stage for more significant attacks.
Fake Employers and Malware Hidden in Coding Tests
Attackers sometimes pretend to be employers. They conduct fake job interviews over Zoom, and during these calls, they’ll create fake technical problems to get employees to download harmful software disguised as updates.
CZ explained:
“In some cases, they send ‘sample code’ for a coding test. That code is secretly malware.”
This turns routine recruitment tasks into high-risk entry points.
Customer Support Exploits in Crypto Exchanges
Hackers often disguise themselves as ordinary people who need assistance. They might send links that appear safe, but actually lead to harmful websites.
CZ cautioned that if an employee clicks a malicious link, hackers could steal information or directly access the company’s systems.
Insider Bribery and Outsourced Service Vulnerabilities
Hackers sometimes avoid security systems by offering bribes to employees or by attacking the companies that their targets work with.
CZ pointed to a recent case:
A significant data breach in India, targeting a company that provides services to others, resulted in the leak of sensitive information from a U.S. financial exchange. This led to losses of more than $400 million for users.
Social Engineering Attacks: From Screen Sharing to One-Click Hacks
Crypto investor Anndy Lian added his warning on X:
You don’t have to open a file for hackers to get into your system. Simply sharing your screen can give them access.
CZ pointed out that even simple hacks, such as the reported phone breach of Jeff Bezos, demonstrate the risk of clicking on any link.
Community members echoed these concerns. One investor wrote:
“I lost my Instagram account after clicking a link. The hackers took over instantly.”
Lian shared that he permanently lost access to his original Instagram account, highlighting how difficult it is to get it back once you’ve lost control.
North Korea’s Lazarus Group and Global Crypto Theft
For over ten years, the Lazarus Group – a hacking organization supported by the North Korean government – has stolen billions of dollars worth of cryptocurrency. Chainalysis reports that they stole almost $1.7 billion in 2022 alone, and have continued to steal hundreds of millions more in both 2023 and 2024.
Reports suggest 2025 is already on track to see massive thefts linked to these groups.
CZ ended his post with a clear reminder:
“Stay SAFU. Awareness and discipline are still the best defenses against these persistent threats.”
Never Miss a Beat in the Crypto World!
Get the latest information on Bitcoin, altcoins, and the world of digital finance with our breaking news, in-depth analysis, and live updates on trends like DeFi and NFTs.
FAQs
North Korean hackers are known for stealing cryptocurrency by disguising themselves as job applicants, pretending to be employers, or impersonating regular users. They use techniques like malicious software, deceptive links, and even bribing people on the inside to break into cryptocurrency platforms.
To protect your crypto from these hackers, be careful about what you click, always double-check who you’re interacting with online, and never share your screen with anyone. It’s crucial to verify potential employers before engaging with them.
The largest cryptocurrency hack of 2025 so far was the attack on Bybit in February. North Korean hackers managed to steal $1.5 billion worth of Ethereum from a secure, offline (cold) wallet, making it the biggest crypto hack ever recorded.
Read More
- Trail’s End Quest (Shakra’s Location) In Silksong
- Great Taste of Pharloom Quest In Silksong (Rasher, Crustnut, Muckmaggot, Nectar, Mossberry)
- Far Fields Secret Area Route Guide In Silksong
- ETH PREDICTION. ETH cryptocurrency
- Cogheart & Cogwork Heart Guide (How To Get & Use) In Silksong
- Pinstress Location (Fatal Resolve Quest) In Silksong
- Abyss Map Location (& How To Reach It) In Silksong
- Heart of The Wild (Hunter’s Heart) In Silksong
- All Data Pad Locations (Week 1) Destiny 2
- What to Do With the Architect Key in Silksong?
2025-09-18 10:36