How North Korean Hackers Infiltrate the Encryption Industry: Exclusive Insider Reveal

A recent survey revealed that North Korean hackers have successfully infiltrated several well-known encryption companies, including Injective, ZeroLend, Fantom, Sushi, Yearn Finance, and Cosmos Hub. These hackers successfully faked their identities to apply for jobs, passing interviews and background checks to obtain real work experience.

Key Findings

• At least more than ten encryption companies unknowingly hired North Korean IT personnel.
• These employees use fake identities to provide real work experience through interviews and background checks.
• In countries like the United States that sanction North Korea, employing North Korean workers is illegal and poses security risks.
• Multiple companies have been attacked by hackers after hiring North Korean IT personnel.

Penetration Method

North Korean hackers mainly infiltrate encryption companies through the following methods:

1. Forged identity documents and diplomas
2. Create a detailed fake resume and work experience
3. Display code contribution history on platforms like GitHub
4. Utilize the remote work trend to avoid face-to-face contact.
5. Hide your true identity by turning off the camera and other means.

Security Risks

Hiring North Korean IT personnel poses serious security risks:

1. May steal company confidential information and customer data
2. A backdoor may be implanted in the code to facilitate subsequent Hacker attacks.
3. May directly steal encryption assets by taking advantage of one's position.

Typical Case

1. Sushi was attacked by hackers for 3 million dollars, related to hiring North Korean developers.
2. Fantom acknowledged that it had employed two North Korean employees, who were later dismissed.
3. Truflation and Delta Prime were recently attacked by hackers, suspected to be related to North Korea.

Countermeasures

1. Strengthen background checks and verify identity information.
2. Require remote employees to turn on the camera
3. Restrict code access permissions for new employees
4. Stay alert and pay attention to abnormal behavior

Encryption companies should remain vigilant, strengthen reviews, and prevent infiltration by North Korean hackers. At the same time, regulatory agencies should also enhance guidance to help enterprises identify and mitigate related risks.