To get into cryptocurrency companies, North Korean hackers use thousands of shadow employees who act as recruiters or potential recruits.
U.S. officials claim that North Korea has created a shadow labor force of thousands of IT personnel who engage in cybercrime activities, including the execution of extensive cryptocurrency attacks. These “shadow workers” are dispersed throughout nations like China and Russia and are paid well—up to $300,000 annually—for menial technological tasks. They frequently adopt employee or recruiter personas when conducting video interviews and other fraudulent techniques to penetrate cryptocurrency businesses.
One of these shadow employees pretended to be a LinkedIn recruiter in order to target a Sky Mavis engineer. Following their Phone conversation, they gave North Korean hackers access to Sky Mavis and allowed them to perform the Ronin bridge hack, which led to the theft of more than $600 million.
North Korean hackers use “front people” from the West to achieve their goals. Unaware of their connections to the hackers, these people interview for jobs at crypto companies and are hired. When hired, they make minor changes to the products that introduce weaknesses that the hackers can take advantage of.
This information reveals North Korea’s enormous network of cyberterrorists and their cutting-edge methods for attacking the bitcoin market. In order to combat these risks, the crypto industry needs to be more vigilant and implement strong security measures. This is highlighted by the use of misleading methods and the use of front people.
Related: North Korea and criminals are using DeFi services for money laundering — US Treasury
Technical Sophistication of North Korean Hackers
The Wall Street Journal recently published an article highlighting the level of technological proficiency displayed by North Korean hackers, which has astounded American authorities and researchers. These hackers have carried out intricate and unusual actions that have never been seen before. Their cutting-edge strategies and tools demonstrate their mastery of the cyberspace.
The paper includes several significant examples, including a cascading supply-chain attack carried out by North Korean hackers. Researchers characterized this attack as a first-of-its-kind that demonstrated the hackers’ capacity to enter and take advantage of connected systems within a supply chain.
Strong defense mechanisms are essential to reducing the hazards posed by these cyber threats because such advanced and developing techniques present major problems for cybersecurity experts.
With the help of these shadow workers, North Korean hackers have stolen over $3 billion over the past five years, as per Chainalysis.
Related: North Korean hackers using stolen crypto to mine more crypto via cloud services