COINOTAG News, citing DL News, recaps remarks from the Devconnect conference by Pablo Sabbatella, founder of opsek and SEAL member. He warned that the scale of North Korean infiltration in the crypto sector is alarmingly high, with estimates of 15%–20% of firms hosting infiltrators and 30%–40% of job applications coming from North Korean agents. Sanctions push these actors to target remote workers globally, especially in developing markets such as Ukraine and the Philippines, for credential handovers or remote identity access.
He described a parasitic model where workers receive 20% of earnings while agents claim 80%, and noted recruiters sometimes hire Americans as “front-enders” to plant malware and acquire a U.S. IP, enabling broader access. Once hired, the operations tend to persist thanks to consistent performance and lack of complaints.
He warned that crypto cybersecurity is historically fragile and that founders are prime targets for social engineering. His recommendations center on rigorous due diligence, enhanced endpoint protection, and tighter remote-work policies to reduce exposure and safeguard assets.