Cryptocurrency firms must bolster their defenses against North Korean hackers who are trying to secure positions at major Web3 companies to orchestrate large-scale attacks, security experts told Cointelegraph.
Employing North Korean developers might expose a crypto project’s frameworks to hacking and data breach risks akin to the Coinbase incident in May, where wallet balances and physical locations of approximately 1% of the exchange’s monthly users were compromised, potentially costing the exchange up to $400 million in reimbursement.
To combat this escalating risk, the sector should implement advanced wallet management protocols, real-time AI surveillance for early detection of exploits, and stricter employee vetting, according to crypto security analysts who spoke to Cointelegraph.
“Organizations need to take the DPRK [Democratic People’s Republic of Korea] IT worker threat seriously,” said Yehor Rudytsia, head of forensics and incident response at blockchain cybersecurity firm Hacken, advocating “comprehensive background checks and stringent role-based access.”
Crypto companies should also adhere to “CCSS guidelines for wallet operations (dual control, audit trails, identity verification),” Rudytsia advised Cointelegraph. “Additionally, enhance logging, monitor for abnormal activities, and frequently review cloud configurations. The essence is straightforward: keep verifying, keep monitoring, and avoid sole reliance on trust.”
Dual wallet control refers to a multisignature wallet that requires multiple key holders to authorize a transaction.
While most North Korean developers are not hackers, their earnings contribute to a regime that poses a significant cybercrime challenge to the crypto sector.
Recently, Binance co-founder Changpeng Zhao raised alarms about the increasing menace of North Korean hackers aiming to breach crypto companies through job opportunities and bribery.
This caution followed the release, by an ethical hacker group named Security Alliance (SEAL), of profiles of at least 60 North Korean agents posing as IT professionals under fake identities and aiming for employment in the U.S.
The repository revealed crucial details about the North Korean impersonators, including aliases, fictitious names and emails, genuine and fabricated websites, citizenships, addresses, locations, and the receiving firms.
Real-time AI threat monitoring can safeguard crypto firms from data breaches
Experts recommend implementing artificial intelligence for proactive threat identification.
“North Korean IT workers are infiltrating crypto companies to gain insider access and either move stolen assets or exfiltrate data,” said Deddy Lavid, co-founder and CEO of blockchain cybersecurity firm Cyvers, adding:
“The Coinbase breach serves as a warning. Proactive, AI-driven oversight is essential to avert the next incident.”
Lavid emphasized that AI-based anomaly detection in hiring practices and the integration of on-chain and off-chain data could enhance firm security.
In June, four North Korean operatives gained entry to several crypto companies as freelance developers, stealing a total of $900,000 from these startups, highlighting the persistent threat.