An investigation by crypto researcher ZachXBT has uncovered that over $16.58 million has been paid to North Korean IT operatives involved in various crypto projects since the beginning of 2025, raising questions about security in blockchain ecosystems.
Payment Streams and Sources
According to ZachXBT's findings, over $16.58 million has been distributed to North Korean IT operatives working on global crypto projects since January 2025. Payments average around $2.76 million monthly, with salaries ranging from $3,000 to $8,000. It is estimated that this could affect between 345 to 920 positions. There have also been noted suspicious activities, such as accounts failing KYC checks and exhibiting abnormal IP addresses. Additionally, Sandy Nguyen was photographed next to a North Korean flag, indicating possible direct ties.
Security Threats in Blockchain Sectors
The influence of North Korean operatives extends to the DeFi and NFT communities, necessitating enhanced due diligence for remote positions. Reports suggest that operatives recommended one another for roles and utilized shared payroll addresses, which raises security concerns. Potential negative consequences could be mitigated through stricter compliance.
Need for Enhanced Security
According to CoinMarketCap data, USDC remains stable at $1.00 with a market cap of $61.65 billion. However, the involvement of North Korean operatives underscores the critical need for enhanced digital security. Blockchain projects must implement stricter vetting processes to shield themselves from such complex threats. This aligns with trends in North Korean cyber operations, emphasizing infiltration rather than direct hacking.
The findings regarding payments to North Korean IT operatives highlight the urgent need for stricter security measures within the crypto industry to safeguard projects from potential threats and attacks.
