Experts warn that infiltrators posing as developers could exploit firms without stronger safeguards
Cybersecurity specialists are warning that North Korean operatives are increasingly targeting cryptocurrency companies by posing as developers, creating a major risk of internal exploits. To combat this, experts recommend dual wallet management, AI-powered monitoring, and stricter employee vetting practices.
The issue gained attention after the Coinbase data breach in May, which exposed the wallet balances and physical locations of around 1% of users, with potential damages reaching $400 million. Investigators say such incidents highlight how hiring unverified developers can open the door to state-sponsored cybercrime.
Binance co-founder Changpeng Zhao recently echoed these concerns, warning that North Korean hackers are actively seeking employment opportunities in Web3 firms. An ethical hacker group, SEAL, also published a repository of over 60 fake developer profiles linked to DPRK operatives, underscoring the scale of the infiltration campaign.
Yehor Rudytsia, head of forensics at blockchain security firm Hacken, explained: “Organizations need to treat the DPRK IT worker risk seriously, with thorough background checks and strict role-based access. The key is simple: keep verifying, keep monitoring, and don’t rely on trust alone.”
Rudytsia also advised companies to follow CCSS wallet standards, which include dual control, audit trails, and identity verification. Dual wallet systems—a form of multisignature wallet requiring multiple key holders—can block unauthorized transactions and reduce single-point vulnerabilities.
Beyond access controls, experts stress the role of artificial intelligence in real-time threat detection. Deddy Lavid, CEO of blockchain cybersecurity firm Cyvers, noted: “North Korean IT workers are infiltrating crypto firms to gain insider access and move stolen funds or to steal data. Proactive, AI-driven monitoring is how to stop the next one.”
AI-based anomaly detection can flag unusual hiring activity and suspicious wallet behaviors by linking onchain and offchain data. This proactive approach could have mitigated incidents like the $900,000 stolen in June, when four North Korean agents infiltrated startups under freelance contracts.
As the crypto sector grows, the balance between innovation and security becomes critical. Experts argue that combining dual wallet mechanisms with AI threat detection is no longer optional—it is becoming essential for protecting both firms and their users.
Disclaimer
This content is for informational purposes only and does not constitute financial, investment, or legal advice. Cryptocurrency trading involves risk and may result in financial loss.