At Crypto Snapshot, we empower you to navigate the dynamic world of cryptocurrency with confidence and precision. Whether you’re a seasoned trader or a crypto novice, our comprehensive suite of tools and resources is designed to help you make informed decisions and maximize your investment potential.

Explore the full potential of your crypto investments with Crypto Snapshot. Our tools are designed to provide you with the knowledge, insights, and strategies you need to succeed in the dynamic world of cryptocurrency. Start using our tools today and take control of your financial future.

 

 

North Korean Devs Used Fake Identities to Steal From Crypto Project: ZachXBT

Blockchain investigator ZachXBT has released information regarding North Korean developers who allegedly stole $1.3 million from a project’s treasury.

The theft was carried out when the devs, who had been hired using fake identities, injected malicious code into the system, which allowed the unauthorized transfer of funds.

ZachXBT Uncovers Crypto Workers Scheme

ZachXBT explained on X that the stolen funds were initially sent to a theft address and bridged from Solana to Ethereum through the deBridge platform. The funds, 50.2 ETH, were deposited into Tornado Cash, a crypto mixer that obscures transaction trails. After that, 16.5 ETH was transferred to two exchanges.

According to ZachXBT, since June 2024, North Korean IT workers have infiltrated over 25 crypto projects using multiple payment addresses. He noted that there could be a single entity in Asia, likely based in North Korea, receiving between $300,000 to $500,000 each month while employing at least 21 workers across different crypto projects.

Further analysis noted that before this case, $5.5 million had been funneled into an exchange deposit address tied to payments made to North Korean IT workers from July 2023 to July 2024. These payments were linked to Sim Hyon Sop, an individual sanctioned by the US Office of Foreign Assets Control (OFAC).

ZachXBT’s investigation looked deeper into the several errors and unusual patterns made by the malicious actors. There were IP overlaps between developers allegedly based in the US and Malaysia and accidental leaks of alternate identities during recorded sessions.

Following the incident, ZackXBT contacted the affected projects and advised them to review their logs and do more intensive background checks. He also noted several red flags that teams can monitor, such as referrals for roles from other developers, work history inconsistency, and highly polished resumes or GitHub profiles.

North Korean Cybercrime Surge

Meanwhile, groups linked to North Korea have long been associated with cybercrime. Their tactics often include phishing schemes, exploiting software vulnerabilities, unauthorized system access, private key theft, and even infiltrating organizations in person.

One of its most infamous organizations, Lazarus Group, allegedly stole over $3 billion in crypto assets from 2017 to 2023.

In 2022, the US government warned about the surging number of North Korean workers getting into freelance tech roles, especially those in the crypto sector.

The post North Korean Devs Used Fake Identities to Steal From Crypto Project: ZachXBT appeared first on CryptoPotato.

Powered by WPeMatico