Bitget App
Trade smarter
Buy cryptoMarketsTradeFuturesCopyBotsEarn
North Korean hackers penetrate crypto companies via job postings: report

North Korean hackers penetrate crypto companies via job postings: report

The BlockThe Block2024/07/15 17:01
By:The Block

Quick Take North Korean hackers are infiltrating crypto job postings, according to a DL News report. Security expert Taylor Monahan says exploiters use “social engineering” to worm their way into company servers and access sensitive information. North Korea is reportedly behind at least $3 billion in crypto losses to date.

North Korean hackers are infiltrating crypto job postings, according to a report by trade publication DL News .

“[M]ounting evidence suggests a number of these bogus applicants appear to be North Korean nationals who are trying to infiltrate crypto projects for nefarious purposes, including gathering sensitive data, hacking, and stealing assets,” according to an article posted Monday.

The problem isn’t relegated just to the crypto industry; according to the United Nations Security Council, more than 4,000 North Koreans have been hired by Western technology firms. These “fake hiring schemes” earn the Hermit Kingdom over $600 million in revenue, according to the UN.

However, recent evidence has suggested one of the ways North Korea has looked to target crypto firms is by placing units on the inside. Security expert and MetaMask developer Taylor Monahan has written extensively about how hackers use “social engineering” to worm their way into companies or access sensitive information.

One long-time method, Monahan wrote in a recent thread on X :

  • “Contact employee via social/messaging app"
  • “Direct them to a Github for a job offer, "skills test," or to help with a bug"
  • “Rekt individual's device"
  • “Gain entry to company's AWS"
  • “Rekt company (and their users)"

Monahan cited two examples of conversations shared with her between employees of an unnamed company allegedly contacted by North Korean hackers. The would-be infiltrators seemingly follow a script to get unsuspecting developers to download malware.

Likewise, according to DL New’s investigation, hackers are said to follow a script when applying to multiple jobs and often copy the resumés or LinkedIn profiles of real people. The problem is complicated given that pseudonymity is embraced by the crypto community.

Exploits remain a massive issue across the industry with investors thought to have lost at least $664 million in the first half of 2024 alone, according to DeFiLlama. North Korean actors are especially prolific and are allegedly behind some of the largest crypto hacks to date including the Ronin bridge , DMM Bitcoin crypto exchange and Estonia-based Atomic Wallet .

The UN estimates North Korean hackers have stolen $3 billion worth of crypto assets to date.


0

Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.

PoolX: Locked for new tokens.
APR up to 10%. Always on, always get airdrop.
Lock now!

You may also like

Leading candidate for US SEC chief announced

HappyCoinNews2024/11/29 17:11

Trump Explores CFTC Control Over Crypto Regulation

The agency currently operates with fewer resources than the SEC, which could be challenging should it regulate crypto.

Altcoinbuzz2024/11/29 17:11

Former UK Minister Joins Bitcoin VC Firm Axiom as Advisor

Former UK minister John Baker joins Axiom as a paid advisor, focusing on Bitcoin.

Altcoinbuzz2024/11/29 17:11