Blockchain investigator ZachXBT has discovered evidence of a network of North Korean developers who work for “established” crypto projects and earn up to $500,000 per month.
Discovery and Suspicions
In an Aug. 15 post on X, ZachXBT informed his followers that he believes a “single entity in Asia,” likely operating out of North Korea, is receiving $300,000 to $500,000 per month and employing at least 21 workers to contribute to over 25 crypto projects. He stated that a team reached out to him for assistance after $1.3 million was stolen from the treasury due to malicious code. The team unknowingly hired multiple North Korean IT workers as developers who were using fake identities. ZachXBT uncovered over 25 related crypto projects active since June 2024.
Discovered Transactions
ZachXBT claims that the most recent $1.3 million stolen by DPRK staff was laundered through a series of transactions, including transferring to a theft address and culminating in 16.5 Ether being sent to two separate crypto exchanges. He found that around $375,000 was paid out over the last month using multiple payment addresses for 21 developers.
Reaction and Consequences
Following a more thorough investigation, ZachXBT believes these developers are part of a more extensive network that received $375,000 over the last month and previously transacted a total of $5.5 million to an exchange deposit address between July 2023 and some point in 2024. He was able to track multiple payment addresses linked to OFAC-sanctioned Sim Hyon Sop. US law enforcement suspects that Kim is involved in the payment of salaries to family members of North Korean worker delegations overseas and has received $2 million in crypto for IT equipment sales to DPRK-affiliated teams in China and Russia.
Blockchain investigator ZachXBT continues his investigation to shed light on the involvement of North Korean developers in crypto projects. His findings indicate a sophisticated network with multiple payment addresses and significant financial flows.
Comments