Hiding In Plain Sight: Crypto Investigation Reveals How North Korean Hackers Infiltrated The Industry

As an analyst with over two decades of experience in cybersecurity and technology, I find the recent CoinDesk investigation into North Korean infiltration of the crypto industry both alarming and unsurprising. My career has taken me through the darkest corners of the internet, where I’ve encountered more than a few unsavory characters.


A recent investigation took a deep dive into one of the crypto industry’s largest problems and found that its extent may be greater than suspected. The report exposed how North Korean operatives have targeted and infiltrated the sector, creating significant legal and cybersecurity risks for companies and investors.

DPRK Infiltration Targets The Whole Industry

A recent CoinDesk investigation found that the cryptocurrency sector has been widely compromised: more than a dozen firms were discovered to have been infiltrated by North Korean operatives as part of an effort to circumvent sanctions and extract funds from these ventures.

The investigation found that various businesses, including established projects such as Fantom, Injective, Yearn Finance, ZeroLend, and Sushi, had unknowingly employed IT workers from the Democratic People’s Republic of Korea (DPRK).

Furthermore, interviews with founders, industry specialists, and blockchain researchers revealed that the issue is far more widespread than initially anticipated, pointing to a high rate of infiltration.

In the course of the investigation, many hiring managers disclosed that they had interacted with, or were aware of, individuals believed to be North Korean software developers.

In 2021, blockchain developer Zaki Manian admitted he had inadvertently hired two North Korean IT workers to work on the Cosmos Hub blockchain. He stated that it is difficult for anyone in the field to identify these individuals because, across the industry, the likelihood that a given job applicant is from North Korea is more than 50%.

Back in August, investigator ZachXBT revealed a series of incidents linked to North Korea, disclosing that he had found more than 25 cryptocurrency projects built by North Korean programmers who have been active since June 2024.

As a researcher delving into the realm of cryptocurrency, I recently unveiled the identities and locations of 21 individuals who had clandestinely entered the industry over a three-month period. Moreover, my investigation exposed a concerning trend: North Korean operatives are allegedly earning between $300,000 and $500,000 per month by working on more than 25 projects simultaneously under false identities.

Crypto Hacks Are Not Like Hollywood Movies

The investigation found that North Korean cyber-attacks bear little resemblance to the way hacking is portrayed in movies. Instead, these attacks typically rely on social engineering: the attackers gain the team’s trust and then use it to obtain access to confidential data, often by sending a malicious link.

According to Taylor Monahan, Product Manager at MetaMask, it is unusual for the Democratic People’s Republic of Korea (DPRK) to carry out a genuine technical exploit. Instead, its operatives typically rely on social engineering to gain access to devices, followed by the theft of private keys.

In many countries, employing North Korean workers is prohibited under international sanctions. To get around this restriction, North Korean developers often use fraudulent documents to conceal their true nationality. Initially, these actors perform well on the job to win their employers’ trust before carrying out malicious activities.

Over time, the affected companies notice inconsistencies and discrepancies in these workers’ stories and come to realize that they have been the target of a coordinated operation. In some cases they discover that several individuals have been posing as a single employee, or that several of their employees are in fact the same person.

According to Bitcoinist, the Ethereum-based NFT gaming platform Munchables suffered an attack in March that led to the loss, and subsequent recovery, of approximately $60 million in cryptocurrency after one of its own developers turned out to be the attacker.

The theft turned out to have been orchestrated from within the organization itself, and experts including Laura Shin and ZachXBT linked it to the North Korean government. Furthermore, there was strong suspicion that the four developers on the team were actually a single individual.

In the end, numerous cryptocurrency projects that had hired North Korean tech workers were found to have suffered cyber attacks, with Sushi compromised in 2021 and, more recently, Delta Prime in September 2024.


2024-10-03 18:12