Up to a fifth of all crypto companies may incorporate North Korean workers into their operations, security experts at DebConnect in Buenos Aires have warned.
summary
- Up to 20% of cryptocurrency companies may have unwittingly employed North Korean workers.
- An estimated 30-40% of crypto-related job seekers are North Koreans attempting to infiltrate companies.
- North Korea stole over $3 billion in cryptocurrencies over three years to fund its nuclear program.
Pablo Sabbatella, founder of Web3 auditing firm Opsek and member of the Security Alliance, shared estimates that suggest the problem extends far beyond isolated incidents.
The flood of job applications to crypto companies presents an even more troubling picture. Sabatella estimates that approximately 30 to 40 percent of applicants are attempts by North Korea to obtain employment.
You may also like: Robert Kiyosaki sells $2.25 million in Bitcoin: Here’s what changed his mind
Sanction evasion through identity theft schemes
International sanctions prevent North Koreans from applying for jobs using their real identities. A workaround is to hire foreign nationals as fake employees.
Freelance platforms like Upwork and Freelancer have become hunting grounds for these recruitment agencies, targeting workers in Ukraine, the Philippines, and similar countries.
The arrangement would split the revenue 80-20, giving North Korean operatives a larger share. Collaborators provide verified credentials or allow remote use of their identity.
US companies face specific targeting. North Korean operatives claim they need interview assistance for Chinese applicants who do not speak English.
The “frontperson” infects the computer with malware during this process, giving the agent more access to U.S. IP addresses and the entire Internet than North Korea allows.
Companies often hire these workers on a long-term basis. “They work hard, they work hard and they never complain,” Sabatella told local news. Performance reduces suspicion while increasing access to sensitive systems.
You may also like: Ethereum ETF records 8 consecutive days of outflows, but ETH price fails to regain $2,800
Weak security practices enable large-scale theft
North Korean cyber operations have stolen more than $3 billion in cryptocurrencies over three years, according to November statistics from the U.S. Treasury Department.
The stolen funds flow directly into North Korea’s nuclear weapons program.
Mr. Sabatella directly criticized industry practices. He argued that crypto companies have weaker operational security than other areas of computing.
Founders publicly reveal their identities, mishandle private keys, and succumb to manipulative tactics.
Discover more from Earlybirds Invest
Subscribe to get the latest posts sent to your email.
