Coinbase, currently the third-largest cryptocurrency exchange globally by volume, is facing numerous threats from North Korean hackers looking for remote job opportunities with the firm.
These North Korean IT workers are increasingly targeting Coinbase’s remote work policy to breach its sensitive systems.
In light of this, Coinbase CEO Brian Armstrong is reevaluating the exchange’s security protocols, which now include mandatory in-person training for all employees in the US. Additionally, individuals accessing sensitive systems must be US citizens and undergo fingerprinting.
“DPRK is very interested in stealing crypto,” Armstrong mentioned during an episode of the Cheeky Pint podcast with host John Collins. “We can work with law enforcement […] but it feels like there’s a new wave of graduates every quarter, from some school they operate, and that’s their main role.”
He remarked that some operatives are forced into compliance with the regime. “In many cases, it’s not the individual’s choice. Their families may be coerced or detained if they refuse to cooperate,” Armstrong noted.
Armstrong’s statements come amid an increase in North Korean cyber activity beyond just Coinbase.
In June, four North Korean operatives gained access to multiple crypto companies as freelance developers, stealing a total of $900,000 from these startups, as reported by Cointelegraph.
Related: Bitcoin ETFs are next major target for North Korean hackers — Cyvers
Coinbase data leak could endanger users
Armstrong’s updated protocols follow a data breach three months ago, confirming that less than 1% of its active monthly users were impacted, potentially costing the exchange up to $400 million in reimbursements, according to Cointelegraph on May 15.
However, the “human cost” for affected users may be significantly higher, as asserted by Michael Arrington, founder of TechCrunch and Arrington Capital. He pointed out that the breach involved home addresses and account balances, increasing the risk of physical attacks.
Related: Hoskinson promises audit, is ‘deeply hurt’ by $600M Cardano treasury claims
Among all US crypto firms, the Coinbase brand was the most impersonated in phishing attacks in 2024, fraudulently used in 416 reported phishing scams over the previous four years, as indicated by a Mailsuite report shared with Cointelegraph.
Across all US brands, Meta, Facebook’s parent company, was the most impersonated brand by fraudsters, appearing in at least 10,457 reported scam incidents over the last four years.
The US Internal Revenue Service followed as the second most impersonated, with at least 9,762 scams attributed to it.
Magazine: Coinbase hack shows the law probably won’t protect you — Here’s why
