North Korean hackers have adopted a new method of cyber theft by posting fake job applications on cryptocurrency job boards. This strategy has already resulted in a staggering $600 million loss for the crypto industry as these operatives infiltrate projects to access sensitive information, compromise systems, and steal assets.
A recent report revealed the significant security risks posed by these fraudulent applicants. According to the United Nations Security Council, over 4,000 North Koreans have been covertly deployed to infiltrate the tech sector, including the cryptocurrency industry. The council’s report reveals that North Korean hackers have stolen $3 billion in crypto assets through 58 suspected cyberattacks over the past seven years. While the precise role of these fake employees in such attacks remains unclear, experts warn that this could be a sign of more extensive operations.
The cryptocurrency industry recently exploded, and growth is rapid, with Bitcoin ETFs trending and projects such as Solana and Aave in the decentralized finance space. Prominent crypto exchanges, including Coinbase and Binance, listed over 1200 new job listings in May, which is a sign of the sector’s growth. Nevertheless, this growth also attracts unsavory characters who operate around the demand for talents in the industry.
The rise in fake job applicants threatens to undermine the crypto industry’s core values of anonymity and pseudonymity. The lack of rigorous background checks allows North Korean operatives to infiltrate crypto companies relatively easily. As a result, 95% of clients have ceased hiring pseudonymous developers to mitigate the risks associated with these fraudulent applicants.
The financial rewards for North Korean crypto workers are substantial. Some earn up to $60,000 a month, with top earners retaining 30% of their earnings while the remainder is directed to authorities in Pyongyang. These earnings represent a significant sum in a country grappling with severe poverty and economic challenges.
Hackers Launder $35M from $305M DMM Bitcoin Hack via Huione MarketplaceAnother threat source is the Lazarus Group, a North Korean cybercriminal association that has attacked an array of crypto firms. Having been involved in the $540 million Ronin bridge hack in 2022, Lazarus has embezzled about $3.4 billion in cryptocurrencies since the creation of the company.
Due to the presence of North Korean hacker groups in the industry, the crypto community needs to step up their vigilance and reassess their staffing policies. It is critical to provide strict security measures and perform deep background checks to combat and prevent such complex threats and maintain the industry’s honor.