Expert warns crypto companies hire North Koreans through global freelancers
A security expert warned at the Devconnect conference in Buenos Aires that up to 20% of all crypto companies may have North Korean workers involved in their operations.
At the recent Devconnect conference, Pablo Sabbatella, founder of Web3 Opsek auditing firm and member of the Security Alliance, shared his estimates on the involvement of North Korean developers in the global crypto industry.
According to Sabbatella, roughly 30–40% of job applications submitted to crypto companies are attempts by North Koreans to secure employment — and many of these attempts are successful.
Workarounds
Although international sanctions prevent North Koreans from applying under their real identities, they are recruited through freelance platforms such as Upwork and Freelancer using intermediaries from Ukraine, the Philippines, and other countries.
The arrangement splits earnings 80/20, with the North Korean agent receiving the larger share. Intermediaries provide sanctioned candidates with verified credentials or allow remote use of their personal data.
As a result, during the fake hiring process, the “stand-in” infects their computer with malware and grants the agent access to their IP address and the client’s internet environment — something North Korea is normally barred from accessing.
U.S. companies are targeted especially aggressively. To get hired by them, North Korean operatives pose as non-English-speaking Chinese candidates who need assistance during interviews.
“Companies often keep these employees for a long time. They work well, work hard, and never complain… Their productivity keeps suspicion low, while access to confidential systems grows,” Sabbatella said.
As a result, he estimates that up to 20% of global crypto companies may unknowingly have North Korean workers on staff.
As we wrote, North Korean hacker group BlueNoroff targets crypto firms with new MacOS malware
- Forex
- Crypto