My Crypto Past – Latest Crypto & Blockchain News
Image default
Bitcoin Uncovers ZachXBT

ZachXBT Uncovers 21 North Korean Devs Making $500,000 Monthly in Crypto Sector

Blockchain sleuth ZachXBT has uncovered a highly sophisticated network of North Korean developers earning up to $500,000 monthly working on established crypto projects.

ZachXBT shared this discovery with his 618,000 followers in an August 15 X post. The on-chain sleuth believes an Asian entity, likely operating from North Korea, receives between $300,000 to $500,000 monthly by sending workers to various crypto projects.

Notably, the entity employs at least 21 developers on over 25 crypto projects.

North Korean Crypto Scheme

The investigation took a significant turn when a team contacted ZachXBT for help after a malicious code in their project drained their treasury of $1.3 million.

Following some diggings, ZachXBT discovered that the team had unknowingly hired multiple North Korean IT workers who had used fake identities to secure the jobs.

These developers, who appear to be part of a more extensive network, managed to launder the stolen funds through a series of transactions. They ultimately moved 16.5 Ether to two separate exchanges.

ZachXBT’s deep dive into this network revealed even more troubling connections. By tracking payment addresses, he identified several developers receiving substantial payments. Over the past month, they have already realized $375,000.

Further analysis showed that these payments totaled a staggering $5.5 million over several months. The investigation also traced the funds back to an exchange deposit address active from July 2023 to the present.

Moreover, these findings directly connected the payments to IT workers in North Korea and a man named Sim Hyon Sop.

Reports had it that the Office of Foreign Assets Control (OFAC) sanctioned Sop in April last year. This sanction came after Hyon Sop was found coordinating financial transfers that fund North Korea’s weapons programs.

ZachXBT also uncovered links to Sang Man Kim, another OFAC-sanctioned individual with a history of involvement in DPRK-related cybercrime.

According to US law enforcement, Kim had been paying salaries to family members of DPRK worker delegations abroad.

Also, he has allegedly received $2 million in digital assets for successful transactions of IT equipment with the Chinese and Russian DPRK-affiliated teams.

Additional Layers of Concern

One alarming aspect of the investigation was the discovery of overlaps of Russian Telecom IP addresses among developers posing as US and Malaysia residents.

In one case, a developer accidentally disclosed their other identity on a notepad, further exposing the deceitful practices used by these workers.

ZachXBT also noted that recruitment companies have hired some developers for these projects. Some referred each other for jobs, showing the depth of their penetration into the industry.

Notably, this network’s ability to embed itself within legitimate crypto projects raises serious concerns about the industry’s security.

ZachXBT emphasized that many experienced teams have unknowingly hired these North Korean developers, making it unfair to blame them for the breaches.

After ZachXBT posted his findings, another project quickly realized they had hired one of the DPRK IT workers listed in his report.

Within minutes of the discovery, the worker, who went by the codename Naoki Murano, left the project’s chat and wiped their GitHub account clean.

This latest discovery by ZachXBT adds another layer to the ongoing concern about North Korea’s aggressive tactics in the digital sector. It highlights the need for heightened vigilance and more robust safeguards within the crypto industry.

Disclaimer: The opinions expressed in this article do not constitute financial advice. We encourage readers to conduct their own research and determine their own risk tolerance before making any financial decisions. Cryptocurrency is a highly volatile, high-risk asset class.

Our Editorial Process

The Tech Report editorial policy is centered on providing helpful, accurate content that offers real value to our readers. We only work with experienced writers who have specific knowledge in the topics they cover, including latest developments in technology, online privacy, cryptocurrencies, software, and more. Our editorial policy ensures that each topic is researched and curated by our in-house editors. We maintain rigorous journalistic standards, and every article is 100% written by real authors.

Read More

Related posts

New Linux malware Hadooken targets Oracle WebLogic servers

DailyCrypto.news

Bitcoin Stable at $19K Despite BOE’s 50 Basis Point Interest Rate Hike

DailyCrypto.news

Arthur Hayes Warns: Bitcoin Could Drop Below $50K This Weekend

DailyCrypto.news

Leave a Comment

* By using this form you agree with the storage and handling of your data by this website.