North Korean hackers penetrate crypto companies via job postings: report
Quick Take North Korean hackers are infiltrating crypto job postings, according to a DL News report. Security expert Taylor Monahan says exploiters use “social engineering” to worm their way into company servers and access sensitive information. North Korea is reportedly behind at least $3 billion in crypto losses to date.
North Korean hackers are infiltrating crypto job postings, according to a report by trade publication DL News .
“[M]ounting evidence suggests a number of these bogus applicants appear to be North Korean nationals who are trying to infiltrate crypto projects for nefarious purposes, including gathering sensitive data, hacking, and stealing assets,” according to an article posted Monday.
The problem isn’t relegated just to the crypto industry; according to the United Nations Security Council, more than 4,000 North Koreans have been hired by Western technology firms. These “fake hiring schemes” earn the Hermit Kingdom over $600 million in revenue, according to the UN.
However, recent evidence has suggested one of the ways North Korea has looked to target crypto firms is by placing units on the inside. Security expert and MetaMask developer Taylor Monahan has written extensively about how hackers use “social engineering” to worm their way into companies or access sensitive information.
One long-time method, Monahan wrote in a recent thread on X :
- “Contact employee via social/messaging app"
- “Direct them to a Github for a job offer, "skills test," or to help with a bug"
- “Rekt individual's device"
- “Gain entry to company's AWS"
- “Rekt company (and their users)"
Monahan cited two examples of conversations shared with her between employees of an unnamed company allegedly contacted by North Korean hackers. The would-be infiltrators seemingly follow a script to get unsuspecting developers to download malware.
Likewise, according to DL New’s investigation, hackers are said to follow a script when applying to multiple jobs and often copy the resumés or LinkedIn profiles of real people. The problem is complicated given that pseudonymity is embraced by the crypto community.
Exploits remain a massive issue across the industry with investors thought to have lost at least $664 million in the first half of 2024 alone, according to DeFiLlama. North Korean actors are especially prolific and are allegedly behind some of the largest crypto hacks to date including the Ronin bridge , DMM Bitcoin crypto exchange and Estonia-based Atomic Wallet .
The UN estimates North Korean hackers have stolen $3 billion worth of crypto assets to date.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Leading candidate for US SEC chief announced
Vancouver Mayor Proposes Adding Bitcoin to Municipal Balance Sheet
Trump Explores CFTC Control Over Crypto Regulation
The agency currently operates with fewer resources than the SEC, which could be challenging should it regulate crypto.
Former UK Minister Joins Bitcoin VC Firm Axiom as Advisor
Former UK minister John Baker joins Axiom as a paid advisor, focusing on Bitcoin.