- North Korean operatives are present in 15-20% of all cryptocurrency companies.
- They may control 30-40% of all cryptocurrency applications.
- North Korean hackers have stolen over $3 billion in cryptocurrency in recent years.
- These operatives use international fronts and stolen identities to gain access to crypto firms.
- The crypto industry has weak operational security, facilitating these infiltrations.
North Korean operatives have deeply embedded themselves within the cryptocurrency sector, affecting a significant portion of the industry worldwide. According to Pablo Sabbatella, founder of the web3 audit firm opsek and a member of the Security Alliance, these operatives are involved in about 15-20% of crypto companies. Sabbatella also estimates they may operate between 30% and 40% of all crypto applications.
The involvement is not limited to hacking activities. Many North Korean workers are employed at legitimate companies, accessing critical systems and infrastructure required to maintain major crypto platforms. Over the past three years, hackers originating from North Korea have stolen more than $3 billion worth of cryptocurrency through methods such as malware and social engineering, according to the U.S. Treasury Department. These funds have reportedly been redirected to support Pyongyang’s nuclear weapons programs.
Due to sanctions, North Korean operatives rarely apply for jobs directly. Instead, they use intermediaries globally to act as fronts. They recruit collaborators from countries like Ukraine and the Philippines through freelance platforms such as Upwork and Freelancer, as outlined in a recent Security Alliance report. These fronts provide verified account credentials or remote access to their identities, receiving roughly 20% of earnings while the North Korean operators retain 80%.
The operatives often target U.S.-based companies by finding American workers to act as their front during hiring. By infecting these fronts’ devices with malware, they gain access to U.S. IP addresses and broader internet access than is possible from inside North Korea. Companies tend to retain these workers because they perform consistently, showing a strong work ethic and raising no complaints.
Operational security (OPSEC), which involves protecting sensitive information from adversaries, is notably weak within the crypto industry. Sabbatella criticized the sector’s poor practices, noting that many crypto founders are “fully doxxed,” mishandle private keys, and are vulnerable to social engineering attacks. In this weak OPSEC environment, malware infections on employees’ computers are common, further facilitating North Korean infiltration.
