ZachXBT, an on-chain blockchain investigator, has uncovered a complex crypto scam that resulted in the theft of $1.3 million from a project’s treasury. The breach was traced back to malicious code inserted by developers who were later identified as North Koreans, working for the regime while using fake identities. This discovery has sparked concern in the crypto community, highlighting serious security risks that many projects may face.
One of the affected teams contacted ZachXBT for help, unaware that they had unknowingly hired North Korean developers. These developers had spent time creating convincing profiles, posing as legitimate candidates.
Their deception was so effective that they were able to integrate into the project’s development team, where they inserted code that enabled the theft.
The Scam Runs Deeper: 25 More Projects Targeted
ZachXBT’s investigation revealed that over 25 other crypto projects had unknowingly hired similar developers. Between July 2023 and 2024, these developers received $5.5 million in payments. The funds were traced to addresses connected to individuals on the OFAC sanctions list, including notorious figures such as Sim Hyon Sop and Sang Man Kim.
Key Warnings for Crypto Projects
During his investigation, ZachXBT identified several warning signs for teams to look out for when hiring developers. These include candidates who share contacts for job referrals, provide fake resumes with forged work experience, and use fraudulent IDs during the KYC process.
One entity in Asia is reportedly making between $300K and $500K per month by managing over 25 contracts simultaneously. The scale and coordination of this operation underline the need for project teams to carefully review KYC details and thoroughly vet potential hires to protect themselves from future losses.
Also Check Out: Weekly Crypto Hack Report: Largest Incidents and Financial Losses
Is this just the tip of the iceberg? As the crypto industry grows, so do the threats.
Source: https://coinpedia.org/news/crypto-hack-alert-north-korean-devs-behind-1-3m-crypto-theft-from-over-25-projects/