North Korean IT workers operated within DeFi protocols for years, researcher warns

So, here we go again. North Korean-linked operators have been sneaking around in crypto firms and DeFi teams for years, blending in so well you’d think they were just your average blockchain developer. But now, we’ve got a fresh warning about insider risk. Apparently, there’s a bunch of high-value exploits connected to these guys, and guess what? They’ve been operating under our noses the whole time. How comforting.

“Lots of DPRK IT workers built the protocols you know and love,” researcher Monahan said. I mean, who would’ve thought? We trusted these protocols, and now we find out they were built by people who, at best, couldn’t care less about your precious funds.

She went on to confirm that over 40 platforms, including some very familiar projects, have at some point relied on North Korean developers. No biggie, I’m sure they only wanted to help, right?

And hey, don’t get too worked up: those seven years of “blockchain dev experience” on their resumes? Yeah, totally real. Probably. I mean, who wouldn’t believe that?

Now, let’s talk about Lazarus Group. Yeah, that lovely state-backed group responsible for stealing around $7 billion in digital assets since 2017. That’s a nice chunk of change, right? They’ve been linked to some of the biggest hacks, including the $625 million Ronin Bridge exploit, the $235 million WazirX hack, and the $1.4 billion Bybit breach. Just another day at the office for them, apparently.

North Korean actors behind Drift exploit

Oh, and speaking of fun: remember last week when Drift Protocol got hit with a $280 million exploit? Turns out, it wasn’t exactly North Korean nationals showing up in person. Nope. It was “third party intermediaries” doing the dirty work. These guys, who were so good at pretending to be real people, had “fully constructed identities,” complete with fake job histories and LinkedIn profiles. Trust was built, and boom, the exploit happened. Classic.

In fact, these “third party intermediaries” even had professional networks in place, making it easier for them to be trusted. You know, because who’s going to question a random person on LinkedIn, right?

Independent blockchain investigator ZachXBT jumped in with his own two cents. He warned that not all North Korean hacks are masterminded at the same level of sophistication. Some of these threats? Simple. Just persistent people doing basic things like sending emails, setting up Zoom calls, and leveraging LinkedIn. Easy peasy.

“Basic and in no way sophisticated,” he said. But hey, at least they’ve got the whole ‘relentless’ thing down. You’d think by 2026, some teams might stop falling for this stuff. But apparently, not everyone’s learning their lesson.


2026-04-06 11:49