Last week, a report by CoinDesk’s Sam Kessler revealed that developers and IT workers from North Korea were hired by several cryptocurrency projects, allowing the regime to raise funds through two different channels. This poses various concerns for these projects, as North Korea is heavily sanctioned, and hiring individuals from the country violates U.S. law. Moreover, some of these employees have been linked to enabling hacks on the projects they were involved in.
The issue of North Korean employees working for U.S. companies is not new, as previous cases have surfaced where companies inadvertently hired individuals from North Korea. These employees often have to send a significant portion of their earnings back to the regime, supporting its activities. Additionally, projects that are compromised by vulnerabilities inserted by these employees risk losing funds to North Korea. Prosecutors have filed charges against DPRK-affiliated IT workers for compromising companies in the past.
One major concern is the violation of U.S. sanctions laws by hiring individuals from North Korea, regardless of whether it was intentional. While the U.S. government has been somewhat lenient in bringing charges against companies in such cases, it is a risk that companies need to address, especially as the crypto industry gains more attention.
Furthermore, companies must also consider the risk of being hacked by North Korean-affiliated individuals. Recent incidents, such as the hack on Axie Infinity resulting in a loss of $625 million, have been attributed to North Korean hacking groups. Other projects, including Sushi Finance, have also been targeted after employing DPRK IT workers.
To mitigate these risks, companies should carefully vet their employees and contractors to ensure compliance with sanctions laws and protect their projects from potential vulnerabilities. The crypto industry’s growing prominence makes it a prime target for malicious actors, emphasizing the need for heightened security measures.
In other news, a Delaware judge has approved FTX Estate’s bankruptcy plan, Coinbase plans to delist unauthorized stablecoins in the EU, and former Bitcoin developer Peter Todd denies being Satoshi Nakamoto. These updates underscore the ongoing developments and challenges within the cryptocurrency space, highlighting the importance of regulatory compliance and security practices. As the industry continues to evolve, stakeholders must remain vigilant and proactive in addressing emerging threats and vulnerabilities.
