CZ alerts industry to North Korean hackers using fake IT profiles
Binance co-founder Changpeng Zhao (CZ) warned the crypto industry about a new wave of attacks from North Korean hackers.
According to him, operatives posing as job candidates and IT staff are attempting to infiltrate companies to gain access to user data and internal systems. Attackers typically pose as developers, security specialists, or finance staff. During interviews, they send infected “sample code,” share malicious links disguised as software updates, or directly offer bribes to contractors to gain access to data.
The warning followed an investigation by white-hat hacker group Security Alliance (SEAL). They uncovered 60 fake profiles created by North Korean agents. The SEAL database contains details on aliases, fake citizenships, addresses, emails, and even companies that had already hired these “employees.”
CZ urged crypto companies to thoroughly vet candidates and train employees to avoid downloading suspicious files. “They pose as users and send you links in a Customer Support request. The linked page will have a virus to download of some kind,” he said.
Earlier in June, four DPRK agents embedded themselves in freelance teams at several crypto startups, stealing $900,000. According to Chainalysis, in 2024 North Korean groups stole $1.34B in crypto across 47 attacks, which is double the amount from the year before.
Experts note that the Lazarus Group remains the most active, responsible for the $1.4B theft from Bybit, possibly the largest known crypto theft. The rise in personnel-based attacks shows that threats now come not only from technical exploits but also from social engineering.
CZ urged crypto companies to thoroughly vet candidates and train employees to avoid downloading suspicious files. “They pose as users and send you links in a Customer Support request. The linked page will have a virus to download of some kind,” he said.
Earlier in June, four DPRK agents embedded themselves in freelance teams at several crypto startups, stealing $900,000. According to Chainalysis, in 2024 North Korean groups stole $1.34B in crypto across 47 attacks, which is double the amount from the year before.
Experts note that the Lazarus Group remains the most active, responsible for the $1.4B theft from Bybit, possibly the largest known crypto theft. The rise in personnel-based attacks shows that threats now come not only from technical exploits but also from social engineering.
Recommended