A large batch of leaked internal data has revealed that North Korean IT workers generated over $3.5 million in cryptocurrency in recent months through a coordinated operation involving fake developer identities and structured payment systems, according to blockchain investigator ZachXBT. The information surfaced after an unnamed hacker compromised one of the workers’ devices, exposing records […]
Cybersecurity researcher Taylor Monahan has claimed that North Korea-linked IT workers have been operating within the decentralized finance ecosystem for years. Monahan stated that these actors have contributed to many well-known protocols during the “DeFi summer” era of 2020. According to her latest tweet, the years of blockchain development experience listed on their resumes were […]
Bitrefill disclosed that it was targeted in a cyberattack on March 1, which resulted in the theft of cryptocurrency funds, and said its investigation found multiple indicators linking the incident to tactics used by the DPRK-associated Lazarus/Bluenoroff group. The company stated that similarities in the attackers’ methods, malware, on-chain tracing patterns, and the reuse of […]
Cybersecurity firm, Security Alliance (SEAL), said it is tracking multiple daily attempts by North Korean-linked threat actors using so-called “fake Zoom” or “fake Teams” meetings to distribute malware and expand access to new victims. The non-profit reshared a detailed warning from security researcher Taylor Monahan outlining how the attacks unfold and the scale of losses […]
A new report by the Multilateral Sanctions Monitoring Team (MSMT) shows that North Korean hackers stole $2.83 billion in cryptocurrency between January 2024 and September 2025. This figure accounts for nearly one-third of the country’s total foreign currency income in 2024. Bybit Exploit Was the Largest Contributor The MSMT, a coalition of 11 countries formed […]
Binance founder Changpeng Zhao (CZ) has issued a warning to crypto projects about North Korean hackers. He detailed how the group is using increasingly sophisticated tactics to gain access to companies. Operatives Are Exploiting Hiring Process CZ shared his concerns via a September 18 X post, describing the hackers as “advanced, creative, and patient.” He […]
Investigations by popular blockchain sleuth ZachXBT have uncovered extensive North Korean infiltration in the global cryptocurrency development job market. An unnamed source recently compromised a device belonging to a DPRK IT worker and provided unprecedented insight into how a small team of five IT workers operated over 30 fake identities. DPRK Operatives Flood Crypto Job […]
A lengthy sentence, along with hefty fees, is what awaits a resident of the southwestern U.S. state who facilitated the hiring of numerous people using stolen identities. The rise of the DPRK threat is a global concern, and its tactics are becoming increasingly sophisticated. Details on The Arrest A press release shared by the Office of […]
The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) on Thursday sanctioned Song Kum Hyok, a North Korean cyber actor associated with the Reconnaissance General Bureau’s (RGB) Andariel hacking group. OFAC said Song facilitated an illicit IT worker scheme that generated revenue for Pyongyang’s regime. Treasury Targets DPRK Cyber Actor According to […]
SentinelLabs, the research and threat intelligence arm of cybersecurity firm SentinelOne, has delved into a new and sophisticated attack campaign called NimDoor, targeting macOS devices from DPRK bad actors. The elaborate scheme involves using the programming language Nim to inject multiple attack chains on devices used in small Web3 businesses, which is a recent trend. […]
- 1
- 2