Coinbase, the third-largest cryptocurrency exchange globally by volume, is facing a surge of threats from North Korean hackers aiming for remote positions within the company.
North Korean IT professionals are increasingly exploiting Coinbase’s remote work policy to infiltrate its sensitive systems.
In light of this, Coinbase CEO Brian Armstrong is reassessing the exchange’s internal security protocols, mandating in-person training for all employees in the U.S., and requiring that those with access to sensitive systems be U.S. citizens and undergo fingerprinting.
“DPRK is highly motivated to steal crypto,” Armstrong stated on the Cheeky Pint podcast with host John Collins. “We can work with law enforcement […] but it feels like there are 500 new graduates every quarter from some kind of school dedicated to this.”
He also mentioned that some individuals are forced into compliance. “In many of these cases, it’s not the person’s fault. Their families are pressured or detained if they don’t cooperate,” Armstrong explained.
Brian Armstrong on the Cheeky Pint podcast. Source: YouTube
Armstrong’s statements come amid increasing North Korean cyber activity beyond just Coinbase.
In June, four North Korean agents infiltrated several cryptocurrency companies as freelance developers, stealing a total of $900,000 from these startups, as reported by Cointelegraph.
Related: Bitcoin ETFs are the next major target for North Korean hackers — Cyvers
Coinbase data leak could endanger users
The new measures from Armstrong follow a statement made three months ago when the exchange acknowledged that less than 1% of its monthly active users were affected by a data breach, which could cost the exchange up to $400 million in reimbursements, as per Cointelegraph’s report on May 15.
Nevertheless, the “human cost” of this data breach may significantly exceed financial implications for users, according to Michael Arrington, founder of TechCrunch and Arrington Capital. He noted that the breach revealed home addresses and account balances, potentially leading to physical threats.
Source: Michael Arrington
Related: Hoskinson promises audit, is ‘deeply hurt’ by $600M Cardano treasury claims
Among U.S. cryptocurrency firms, Coinbase was the most impersonated in phishing scams during 2024, with its name fraudulently used across 416 reported phishing incidents over the last four years, according to a Mailsuite report provided to Cointelegraph.
US brands most impersonated by scammers. Source: Mailsuite
Within the totality of U.S. brands, Meta, Facebook’s parent company, was the most impersonated label, appearing in at least 10,457 reported scam incidents over the past four years.
Following closely in the ranks, the U.S. Internal Revenue Service was impersonated in a minimum of 9,762 scams.
Magazine: Coinbase hack indicates the law may not offer adequate protection — Here’s why
