How North Korean IT Workers Secretly Infiltrate Crypto Firms

Recent reports unveiled how North Korean IT workers made their way to top crypto companies, potentially harming their security.

Lazarus group's member is taking control of the blockchain.
Created by Kornelija Poderskytฤ— from DailyCoin
  • North Korean IT workers infiltrated crypto companies
  • Companies include Fantom, Sushi, and Injective.
  • North Korea uses foreign labor to get revenue. 

When North Korea and crypto appear in the news together, itโ€™s usually not a good sign. It usually has to do with either crypto hacks by the infamous Lazarus Group, or some type of sanctions violation. The most recent case is no different. 

Sponsored

A series of reports have uncovered how crypto companies unknowingly hired several North Korean IT workers. These workers used fake IDs and references to bypass checks. Other than potentially compromising major crypto companies, they also funnel money back to the North Korean regime. 

North Korean Workers Infiltrating Crypto Companies

North Korean workers are exploiting the crypto space in a new way. According to recent reports, individuals from the DPRK have gotten jobs at companies like Injective, ZeroLend, Fantom, and Sushi. 

These workers used face documentation to pass background checks. They also forged their work histories to gain attractive positions in these companies. In some cases, North Korean employees found jobs on freelance platforms or community-driven job boards. These are less likely to have strong vetting processes. 

Due to many crypto companies employing a remote workforce, it is often difficult for them to vet their employees. This is why many of these companies have discovered North Koreans in their workforce only after US government agencies alerted them over suspicious blockchain transactions. 

Why North Korean Hackers Are Looking For Jobs in Crypto

North Korean IT workers are looking for jobs in crypto for several reasons. The obvious reason is to get privileged access to companies that handle millions. For example, crypto investigator ZachXBT uncovered a $1.3 million hack in August and tied it back to North Korean contractors.ย 

https://twitter.com/zachxbt/status/1824047425822310580

Another such instance was that of the Sushi Swapโ€™s $3 million hack in 2021. Later, investigators discovered that North Korean IT workers were instrumental in the hack. Even beyond hacking opportunities, North Korean workers seek jobs abroad to funnel the money back to the regime. 

According to the UN, the DPRK regime earns as much as $600 million annually from its workforce abroad. This money is a key source of foreign currency for the financially struggling regime. This also prompted the US to issue a warning about North Korean workers posing as IT specialists from other locations.  

On the Flipside

Why This Matters

North Korean IT workers in the crypto industry pose a significant risk to global security and the crypto ecosystem. These workers funnel money to the DPRK, while also exposing crypto projects to risks of hacking. 

Read more about North Korean hackers: 
Microsoft Flags North Korean Hacker Targeting Crypto Users on Chromium

Read more about crypto exchanges pushing for compliance: 
As Exchanges Push Compliance, GRVT Partners with ComplyCube 

This article is for information purposes only and should not be considered trading or investment advice. Nothing herein shall be construed as financial, legal, or tax advice. Trading forex, cryptocurrencies, and CFDs pose a considerable risk of loss.

Author
David Marsanic

David Marsanic is DailyCoinโ€™s journalist, focusing on Solana and crypto exchanges. David currently doesnโ€™t hold any crypto.

Read more