North Korean Hackers Are Infiltrating Crypto Job Boards in $600M ‘Silent War’ – DL News

  • Fake candidates are testing cryptocurrency’s adoption of anonymity.
  • According to the United Nations, 4,000 North Koreans are trying to enter the tech sector by obtaining jobs.
  • “There is a silent war going on,” says one expert.

Hiring in the cryptocurrency industry has never been easy.

Finding qualified developers is difficult, as is managing remote workers who operate in different time zones.

Now, hiring in the cryptocurrency industry is about to get even more difficult.

A DL News investigation has uncovered that fake candidates are flooding job boards with doctored resumes.

Furthermore, mounting evidence suggests that many of these fake candidates are North Korean nationals seeking to infiltrate crypto projects for nefarious purposes, including sensitive data collection, hacking, and asset theft.

“It’s an operational risk for the industry,” Shaun Potts, founder of cryptocurrency-specific recruiting firm Plexus, told DL News. “It’s an ongoing thing, in the same way that hacking is an ongoing thing within technology. You can’t stop it, but you can minimize the risks.”

Hiding identities

According to the United Nations Security Council, more than 4,000 North Koreans have been tricked into sneaking into tech jobs in the West by hiding their identities. This includes the cryptocurrency sector.

In a recent 615-page report, the council said that over the past seven years, in 58 alleged cyber heists, North Korean hackers have stolen $3 billion worth of cryptocurrency.

While it’s unclear how many of these thefts were perpetrated with the help of fake employees, experts fear this trend is just getting started.

“They illegally sell resources, computer labor, hard labor, and hacking.”

— Taylor Monahan, MetaMask

That’s because it’s big business. The bogus hiring scheme alone earns North Korea up to $600 million a year, the UN said.

“They have very limited amounts of assets that they can sell to China,” Taylor Monahan, senior security researcher at cryptocurrency wallet MetaMask, told DL News. “So they generate revenue by doing things like illegal asset sales, computer work, heavy lifting, and hacking.”

New challenge

This development is a new challenge for an industry that is going mainstream. With the launch of Bitcoin ETFs, Wall Street has embraced cryptocurrencies as an asset class. DeFi mainstays like Solana and Aave are seeing revenue increase and expanding their activities.

The last thing cryptocurrencies need is an army of fake candidates as the industry expands and demand for new hires skyrockets.

Ten of the largest cryptocurrency exchanges, including Coinbase and Binance, have posted more than 1,200 new openings in May. Layoffs are also slowing.

According to data from Layoffs.fyi, the number of unemployed in the cryptocurrency sector dropped sharply in the first quarter compared to the same period last year.

“They just added a couple of new roles to make them appear differently in LinkedIn search.”

— Karolis Kundrotas, Durlston Partners

“Everyone I know is either working on another project or is unavailable,” Zak Cole, co-founder of cryptocurrency studio Number Group, told DL News. “How will we attract new talent?”

The answer is: cast your net wider.

AI Research

Instead of going through a formal recruitment agency, Cole and his co-founders used an AI tool called Applicant AI to screen candidates. It uses AI to flag keywords in resumes that match their criteria.

The results were mixed. In a video interview with Number Group, a candidate who listed Dutch as his native language hung up when asked to speak in that language.

Another candidate’s GitHub profile, a kind of LinkedIn for programmers, had only been created a month earlier, even though the application was for a senior developer role.

On another resume, a remote-work candidate listed a state penitentiary in Texas as his home address.

When asked whether they actually lived in prison, the applicant replied: “Yes.”

Cole’s primary concern was making sure the candidates were who they said they were.

He said that as he pored over them and arranged interviews, a pattern emerged: Many refused to turn on the cameras.

Video Calls

Often, what they said in interviews contradicted what was written on their CVs. In other words, they were lying.

“They all have the same kind of script,” Cole said. He said their backgrounds were also blurry when they appeared on camera and that they were calling from a room with other people in it.

Karolis Kundrotas, a cryptocurrency industry consultant at recruiting firm Durlston Partners, said many candidates copy real LinkedIn profiles.

“It’s exactly the same experiences, and it’s exactly the same type of education as a real person,” he said. “They just added a couple of new roles to make them show up differently in LinkedIn search.”

Kundrotas said video calls are also key because they allow you to see if the person is quickly reading more information before responding.

One candidate did exactly this during a shared video call with DL News.

The applicant stated that he had in-depth knowledge of non-fungible tokens and crypto games, but had never heard of “Axie Infinity,” one of the largest and most well-known games in the industry.

Of course, this is a big alarm bell.

Avoid background checks

In addition to being a huge waste of time, these fake candidates are also undermining a fundamental pillar of cryptocurrency ethics.

Anonymity and pseudonymity are valuable in the cryptocurrency world. The tendency of project teams to avoid background checks and work at breakneck startup speeds makes them a prime target for illegitimate hiring schemes.

Because of this, Potts says 95 percent of his clients have stopped hiring pseudonymous developers.

“People underestimate the low bar in a lot of cryptocurrencies,” said MetaMask’s Monahan. “It’s actually not that uncommon for a random project to hire someone to do some work and then quickly level them up.”

This may be what North Korea’s sleeper candidates are counting on.

Monthly salary of $60,000

Some undercover North Korean cryptocurrency workers earn up to $60,000 a month and work a variety of full-time and freelance jobs.

According to the UN report, top earners can keep 30% of their earnings and hand over the rest to the authorities in Pyongyang.

Given the reports of extreme poverty in North Korea, the sums are huge for individuals.

This is why startups need to be diligent.

“They will continue to flood job boards, build resumes, and pursue cryptocurrency companies and projects as long as they are effective,” Monahan said.

Their work also has a geopolitical significance.

Erin Plante, vice president of investigations at Chainalysis, said that there is evidence North Korea is partly funding its nuclear weapons program by hacking cryptocurrency sites. The Lazarus Group, a North Korean hacking operation, broke into the Ronin Bridge for $540 million in 2022, according to blockchain analytics firm Elliptic.

In 2019, the U.S. Department of the Treasury’s Office of Foreign Assets Control sanctioned Lazarus.

If North Korea is using fake candidates as part of this program, that’s a major issue, said Adam Zarzinski, CEO of blockchain analytics firm Inca Digital.

“There’s this silent war going on,” Zarzinski, a former judge advocate for the U.S. Air Force, told DL News.

Liam Kelly is a DeFi correspondent at DL News. Contact us at liam@dlnews.com.
