New information about North Korean IT workers involved in cyber attacks on the crypto industry has emerged from leaked data. A well-organized group of perpetrators employs various methods to infiltrate crypto projects.
How North Korean Hackers Operate
The leak reveals that a small team of six North Korean IT workers uses at least 31 fake identities for cover. They obtain everything from government IDs to phone numbers to secure jobs in the crypto industry. This group has been linked to a $1.4 billion theft from the cryptocurrency exchange Bitbit in February.
Use of Google and Remote Programs
Confidential documents show that North Korean workers hold positions as 'blockchain developers' and 'smart contract engineers' on freelance platforms like Upwork, using remote access software to perform their tasks. They also employ VPNs to conceal their true location. Data show that the group spent $1,489.8 on operational expenses.
Call for Enhanced Employee Screening
ZachXBT emphasized the necessity for crypto and tech companies to conduct more thorough background checks on potential hires. He noted that many operations are not highly sophisticated, but the sheer volume of applications can lead to negligence by hiring teams. The lack of collaboration between tech firms and freelance platforms also exacerbates the issue.
The situation with North Korean IT workers highlights the need for the crypto industry to adopt stricter measures regarding employee verification and identifying potential threats from malicious actors.
