{"id":3151,"date":"2025-09-18T15:14:21","date_gmt":"2025-09-18T15:14:21","guid":{"rendered":"https:\/\/www.jubi24.com\/?p=3151"},"modified":"2025-09-18T15:14:22","modified_gmt":"2025-09-18T15:14:22","slug":"cz-crypto-seal-team-sound-alarm-on-60-north-korean-hackers","status":"publish","type":"post","link":"https:\/\/www.jubi24.com\/?p=3151","title":{"rendered":"CZ, Crypto ‘SEAL’ Team Sound Alarm On 60 North Korean Hackers"},"content":{"rendered":"


\n<\/p>\n

North Korean hackers are stepping up efforts to infiltrate cryptocurrency companies by posing as IT workers, raising fresh security concerns for the industry, according to Binance co-founder Changpeng \u201cCZ\u201d Zhao and a team of ethical hackers.<\/p>\n

CZ sounded<\/a> the alarm Thursday on X about the growing threat of North Korean hackers seeking to infiltrate crypto companies through employment opportunities and even bribing exchange staff for data access.<\/p>\n

\u201cThey pose as job candidates to try to get jobs in your company. This gives them a \u201cfoot in the door,\u201d specifically for employment opportunities related to development, security and finance, CZ said.<\/p>\n

\u201cThey pose as employers and try to interview\/offer your employees. During the interview, they will be a problem with Zoom and they will send your employee a link to an \u201cupdate\u201d, which contains virus that will takeover your employee\u2019s device.\u201d<\/p><\/blockquote>\n

Other North Korean agents give employees coding questions to send them malicious \u201csample code\u201d later, pose as users to send malicious links to customer support, or even \u201cbribe your employees, outsourced vendors for data access,\u201d Zhao said.<\/p>\n

\u201cTo all crypto platforms, train your employees to not download files, and screen your candidates carefully,\u201d he added.<\/p>\n

Source: Changpeng <\/em>Zhao<\/em><\/a><\/figcaption><\/figure>\n

Related: <\/strong><\/em>Bitcoin ETFs are next major target for North Korean hackers \u2014 Cyvers<\/strong><\/em><\/a><\/p>\n

The warning follows similar concerns from Coinbase, which reported a new wave of threats<\/a> last month.<\/p>\n

In response, Coinbase CEO Brian Armstrong introduced new internal security measures, including requiring all workers to receive in-person training in the US, while people with access to sensitive systems will be required to hold US citizenship and submit to fingerprinting.<\/p>\n

Brian Armstrong, right, on the Cheeky Pint podcast. Source: <\/em>YouTube<\/em><\/a><\/figcaption><\/figure>\n

\u201cWe can collaborate with law enforcement [\u2026] but it feels like there\u2019s 500 new people graduating every quarter, from some kind of school they have, and that\u2019s their whole job,\u201d Armstrong told Cheeky Pint podcast host John Collins.<\/p>\n

Related: <\/strong><\/em>Bitcoin whale awakens after 12 years, transfers 1,000 BTC before US Fed meeting<\/strong><\/em><\/a><\/p>\n

Security Alliance uncovers 60 North Korean hackers impersonating IT workers<\/h2>\n

Zhao\u2019s warning came as a group of ethical hackers called Security Alliance (SEAL) compiled the profiles of at least 60 North Korean agents posing as IT workers under fake names seeking to infiltrate US crypto exchanges and steal sensitive user data.<\/p>\n

SEAL team repository of 60 North Korean IT worker impersonators. Source: lazarus.group\/team<\/em><\/figcaption><\/figure>\n

\u201cNorth Korean developers are eager to work for your company, but it\u2019s important to not get scammed by impostors when hiring,\u201d Security Alliance said in a Wednesday X post<\/a>, sharing its new repository for North Korean impersonators.<\/p>\n

The repository contains key information on North Korean impersonators, including aliases, fake names and email used, along with websites, both real and fake citizenships, addresses, locations and the numbers of firms that hired them.<\/p>\n

SEAL team repository of North Korean IT worker impersonator \u2018Kazune Takeda\u2019. Source: lazarus.group\/team<\/em><\/figcaption><\/figure>\n

Salary details, GitHub profiles and all other public associations are also included for each impersonator.<\/p>\n

In June, four North Korean operatives infiltrated multiple crypto firms as freelance developers, stealing a cumulative $900,000 from these<\/a> startups, illustrating the growing threat, Cointelegraph reported.<\/p>\n

The white hat SEAL<\/a> team was formed to combat these exploits, led by white hat hacker and Paradigm researcher Samczsun. SEAL conducted more than 900 hack-related investigations within a year of its launch, illustrating the growing need for ethical hackers, Cointelegraph reported in August 2024.\u00a0<\/p>\n

SEAL Whitehat Safe Harbor Agreement. Source: Security Alliance<\/em><\/figcaption><\/figure>\n

North Korean hackers like the infamous Lazarus Group<\/a> are the main suspects behind some of the most devastating cryptocurrency heists, including the $1.4 billion Bybit hack<\/a>, the industry\u2019s largest so far.<\/p>\n

Throughout 2024, North Korean hackers stole over $1.34 billion worth of digital assets across 47 incidents, a 102% increase from the $660 million stolen in 2023, according<\/a> to Chainalysis data.<\/p>\n