North Korea Has Infiltrated Up To 20% Of Crypto Firms, Security Expert Says

Up to one-fifth of all crypto companies may have North Korean workers embedded in their operations, a security expert warned at Devconnect in Buenos Aires.

Summary

  • Up to 20% of crypto companies may unknowingly have North Korean workers embedded.
  • An estimated 30–40% of crypto job applicants are DPRK attempts to infiltrate firms.
  • North Korea has stolen over $3B in crypto in three years, funding nuclear programs.

Pablo Sabbatella, who founded web3 audit firm Opsek and serves as a Security Alliance member, shared estimates that suggest the problem extends far beyond isolated incidents.

Job applications flooding into crypto firms show an even more troubling picture. Sabbatella estimates that roughly 30% to 40% of applicants are North Korean attempts at gaining employment.

Sanctions evasion through identity theft schemes

International sanctions prevent North Koreans from applying for jobs under their real identities. The workaround involves recruiting people in other countries to serve as fake employees.

Freelance platforms like Upwork and Freelancer have become hunting grounds for these recruiters, who target workers in Ukraine, the Philippines, and similar nations.

The arrangement splits earnings 80-20, with the North Korean agent taking the larger share. Collaborators provide verified credentials or allow remote use of their identity.

U.S. companies face particular targeting. North Korean agents claim to be non-English speaking Chinese applicants who need interview assistance.

The “front person” gets their computer infected with malware during this process and grants the agent access to American IP addresses and overall internet access than North Korea allows.

Companies often retain these workers long-term. “They work well, they work a lot, and they never complain,” Sabbatella told local news. Performance keeps suspicions low while access to sensitive systems grows.

Weak security practices enable massive theft operations

Pyongyang’s cyber operations have netted over $3 billion in stolen cryptocurrency across three years, according to U.S. Treasury Department figures from November.

The stolen funds flow directly into North Korea’s nuclear weapons development programs.

Sabbatella placed blame squarely on industry practices. Crypto companies show weaker operational security than any other computing sector, he argued.

Founders publicly reveal their identities, mishandle private keys, and succumb to manipulation tactics.

RECENT NEWS

Crypto Treasuries Chase A New Kind Of Capital

There is a peculiar irony at the heart of the crypto treasury movement. Companies that staked their futures on digital a... Read more

What Strategy's Bitcoin Sale Really Tells Us

There is a moment in every bull run when the narrative starts to fray. Not with a crash, not with a scandal, but with so... Read more

The Clock Is Ticking On UK Stablecoins

The world is not waiting for Britain to make up its mind. While the United States and the European Union have spent the ... Read more

From Cypherpunk To Citadel

How Crypto Moved from the Wild West to the Mainstream Financial SystemA long-form analysis of Bitcoin's journey from fri... Read more

Tether Plots Global Expansion

Stablecoin leader seeks to transform itself from crypto plumbing provider into a broad “freedom tech” conglomerateTe... Read more

World Liberty Seeks Federal Trust Charter

World Liberty Financial, the crypto venture backed by the Trump family, has applied for a US national bank trust charter... Read more

We use cookies to give you the best experience possible. By continuing we’ll assume you’re on board with our cookie policy.