Coinbase, the third-largest cryptocurrency exchange globally by volume, is facing a surge of threats from North Korean hackers looking for remote job opportunities within the company.
North Korean IT professionals are increasingly leveraging Coinbase’s remote work policy to infiltrate its sensitive systems.
In light of this, Coinbase CEO Brian Armstrong is reassessing the exchange’s internal security protocols, which will include mandatory in-person training for all employees in the US, while those with access to sensitive systems must be US citizens and undergo fingerprinting.
“DPRK is highly motivated to steal crypto,” Armstrong stated during a Thursday podcast episode with Cheeky Pint host John Collins. “We can collaborate with law enforcement […] but it seems like there are 500 new graduates every quarter from some kind of educational institution, and that is their primary occupation.”
He noted that many operatives are compelled to work for the regime. “In numerous cases, it’s not the individual’s choice. Their families may be coerced or detained if they refuse to cooperate,” Armstrong explained.
Armstrong’s remarks coincide with a rise in North Korean cyber activities beyond the confines of Coinbase.
In June, four North Korean operatives infiltrated several cryptocurrency firms as freelance developers, collectively stealing $900,000 from these startups, according to Cointelegraph.
Related: Bitcoin ETFs are the next major target for North Korean hackers — Cyvers
Coinbase data leak could jeopardize users’ physical safety
Armstrong’s new initiatives follow a data breach disclosed three months prior, revealing that less than 1% of its monthly users were impacted, potentially costing the exchange up to $400 million in reimbursements, as mentioned in a Cointelegraph report on May 15.
However, the “human cost” of this data breach may be even greater for users, according to Michael Arrington, founder of TechCrunch and Arrington Capital, who highlighted that the breach included sensitive information like home addresses and account balances, raising the risk of physical attacks.
Related: Hoskinson promises audit, expressing deep concern over $600M Cardano treasury claims
Among all cryptocurrency firms in the United States, the Coinbase brand was the most impersonated in phishing attacks in 2024, appearing in 416 reported phishing scams over the past four years, as detailed in a Mailsuite report shared with Cointelegraph.
When considering all brands in the US, Meta, Facebook’s parent company, was the most impersonated brand by scammers, reportedly appearing in at least 10,457 scam incidents over the past four years.
The US Internal Revenue Service ranked second on the list, having been impersonated in at least 9,762 scams.
Magazine: Coinbase hack illustrates how the law likely won’t protect you — Here’s why
