
Threat of fake job applications in crypto



Suspected North Korean operatives are allegedly using fake job applications to infiltrate web3 projects, siphoning off millions and raising security concerns.

In the last few years, blockchain and web3 have been at the forefront of technological innovation. However, to paraphrase a quote, with great innovation comes great risk. 

Recent revelations have uncovered a sophisticated scheme by operatives suspected to be affiliated with the Democratic People’s Republic of Korea to infiltrate the sector through fake job applications, raising alarms about the security and integrity of the industry.

Economic motives and cyber strategies

North Korea’s economy has been severely crippled by international sanctions, limiting its access to crucial resources, restricting trade opportunities, and hindering its ability to engage in global financial transactions. 

In response, the regime has employed various methods to circumvent these sanctions, including illicit shipping practices, smuggling, and tunneling, as well as using front companies and foreign banks to conduct transactions indirectly. 

However, one of the DPRK’s most unconventional methods of raising revenue is its reported use of a sophisticated cybercrime warfare program that allegedly conducts cyberattacks on financial institutions, crypto exchanges, and other targets.

The crypto industry has been one of the biggest victims of this rogue state’s alleged cyber operations, with a TRM report from earlier in the year indicating crypto lost at least $600 million to North Korea in 2023 alone. 

In total, the report stated that North Korea was responsible for an eye-watering $3 billion worth of crypto stolen since 2017.

[Figure: Amount of crypto reportedly stolen by North Korea-linked actors between 2017 and 2023 | Source: TRM Labs]

With crypto seemingly a soft and lucrative target, reports have emerged of DPRK-linked actors tightening the screw by infiltrating the industry using fake job applications. 

Once hired, these operatives are in a better position to steal and siphon off funds to support North Korea’s nuclear weapons program and circumvent the global financial restrictions imposed on it.

The modus operandi: fake job applications

Going by stories in the media and information from government agencies, it seems DPRK operatives have perfected the art of deception, crafting fake identities and resumes to secure remote jobs in crypto and blockchain companies worldwide. 

An Axios story from May 2024 highlighted how North Korean IT specialists were gaming American hiring practices to infiltrate the country’s tech space. 

Axios said the North Korean agents use forged documents and fake identities, often masking their true locations with VPNs. Additionally, the story claimed that these would-be bad actors primarily target sensitive roles in the blockchain sector, including developers, IT specialists, and security analysts.

300 companies affected by fake remote job application scam

The scale of this deception is vast, with the U.S. Justice Department recently revealing that more than 300 U.S. companies were duped into hiring North Koreans through a massive remote work scam. 

These scammers not only filled positions in the blockchain and web3 space but also allegedly attempted to penetrate more secure and sensitive areas, including government agencies.

According to the Justice Department, the North Korean operatives used stolen American identities to pose as domestic technology professionals, with the infiltration generating millions of dollars in revenue for their beleaguered country.

Interestingly, one of the orchestrators of the scheme was an Arizona woman, Christina Marie Chapman, who allegedly facilitated the placement of these workers by creating a network of so-called “laptop farms” in the U.S. 

These setups reportedly allowed the job scammers to appear as though they were working within the United States, thereby deceiving numerous businesses, including several Fortune 500 companies.

Notable incidents and investigations

Several high-profile cases have shown how these North Korea-linked agents infiltrated the crypto industry, exploited vulnerabilities, and engaged in fraudulent activities. 

Cybersecurity experts like ZachXBT have provided insights into these operations through detailed analyses on social media. Below, we look at a few of them.

Case 1: Light Fury’s $300K transfer

ZachXBT recently spotlighted an incident involving an alleged North Korean IT worker using the alias “Light Fury.” Operating under the fake name Gary Lee, ZachXBT claimed Light Fury transferred over $300,000 from his public Ethereum Name Service (ENS) address, lightfury.eth, to Kim Sang Man, a name which is on the Office of Foreign Assets Control (OFAC) sanctions list. 

Light Fury’s digital footprint includes a GitHub account, which shows him as a senior smart contract engineer who has made more than 120 contributions to various projects in 2024 alone.

Case 2: the Munchables hack

The Munchables hack from March 2024 serves as another case study showing the importance of thorough vetting and background checks for key positions in crypto projects. 

This incident involved the hiring of four developers, suspected to be the same person from North Korea, who were tasked with creating the project’s smart contracts. 

The fake team was linked to the $62.5 million hack of the GameFi project hosted on the Blast layer-2 network.

The operatives, with GitHub usernames such as NelsonMurua913, Werewolves0493, BrightDragon0719, and Super1114, apparently displayed coordinated efforts by recommending each other for jobs, transferring payments to the same exchange deposit addresses, and funding each other’s wallets.

Additionally, ZachXBT said they frequently used similar payment addresses and exchange deposit addresses, which indicated a tightly-knit operation.

The theft happened because Munchables initially used an upgradeable proxy contract that was controlled by the suspected North Koreans who had inveigled themselves into the team, rather than by the Munchables contract itself.

This setup provided the infiltrators with significant control over the project’s smart contract. They exploited this control to manipulate the smart contract to assign themselves a balance of 1 million Ethereum.

Although the contract was later upgraded to a more secure version, the storage slots manipulated by the alleged North Korean operatives remained unchanged. 

They reportedly waited until enough ETH had been deposited in the contract to make their attack worthwhile. When the time was right, they transferred approximately $62.5 million worth of ETH into their wallets.

Fortunately, the story had a happy ending. After investigations revealed the former developers’ roles in the hack, the rest of the Munchables team engaged them in intense negotiations, following which the bad actors agreed to return the stolen funds.
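The storage behaviour described in this case, as an added example that is not Munchables' code or part of the original article: a toy Python model of an upgradeable proxy, showing that a balance written under the first implementation survives the upgrade, plus an audit that replays the event log to flag storage slots with no matching deposits. The class names, the `admin_set_balance` function and the accounts are constructed for illustration.

```python
from collections import defaultdict

ETH = 10**18  # wei per ether


class Proxy:
    """Toy upgradeable proxy (constructed): storage and funds live here."""

    def __init__(self, impl, admin):
        self.impl, self.admin = impl, admin
        self.balances = {}   # persistent storage slots: account -> wei
        self.events = []     # emitted logs: (name, account, amount)
        self.held = 0        # wei actually held by the contract

    def upgrade(self, caller, new_impl):
        if caller != self.admin:
            raise PermissionError("only the proxy admin can upgrade")
        self.impl = new_impl  # logic is swapped, storage is left untouched

    def call(self, fn, caller, *args):
        return getattr(self.impl, fn)(self, caller, *args)


class LogicV1:
    """Hypothetical first implementation: the admin can write any slot."""

    @staticmethod
    def deposit(p, caller, amount):
        p.balances[caller] = p.balances.get(caller, 0) + amount
        p.held += amount
        p.events.append(("Deposit", caller, amount))

    @staticmethod
    def admin_set_balance(p, caller, account, amount):
        if caller != p.admin:
            raise PermissionError("admin only")
        p.balances[account] = amount  # no funds moved, no event emitted


class LogicV2:
    """Hypothetical upgraded implementation: the admin setter is removed."""
    deposit = staticmethod(LogicV1.deposit)


def unbacked_slots(p):
    """Replay the event log; return slots whose stored balance disagrees."""
    expected = defaultdict(int)
    for name, account, amount in p.events:
        # Deposits add to the expected balance, any other event subtracts.
        expected[account] += amount if name == "Deposit" else -amount
    return {a: bal - expected[a] for a, bal in p.balances.items()
            if bal != expected[a]}


def liability_gap(p):
    """Wei owed according to storage minus wei the contract really holds."""
    return sum(p.balances.values()) - p.held


def scenario():
    p = Proxy(LogicV1, admin="dev")
    p.call("admin_set_balance", "dev", "dev", 1_000_000 * ETH)
    p.upgrade("dev", LogicV2)        # the "more secure" version
    p.call("deposit", "alice", 5 * ETH)
    p.call("deposit", "bob", 7 * ETH)
    return p
```

Running `unbacked_slots(scenario())` reports only the `dev` slot, which is the kind of check an upgrade review can run against real storage and logs before user deposits accumulate.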

Case 3: Holy Pengy’s hostile governance attacks

Governance attacks have also been a tactic employed by these fake job applicants. One such alleged perpetrator is Holy Pengy. ZachXBT claims that name is an alias for Alex Chon, an infiltrator allied to the DPRK.

When a community member alerted users about a governance attack on the Indexed Finance treasury, which held $36,000 in DAI and approximately $48,000 in NDX, ZachXBT linked the attack to Chon.

According to the on-chain investigator, Chon, whose GitHub profile features a Pudgy Penguins avatar, regularly changed his username and had been reportedly fired from at least two different positions for suspicious behavior.

In an earlier message to ZachXBT, Chon, under the Pengy alias, described himself as a senior full-stack engineer specializing in frontend and solidity. He claimed he was interested in ZachXBT’s project and wanted to join his team.

An address linked to him was identified as being behind both the Indexed Finance governance attack and an earlier one against Relevant, a web3 news sharing and discussion platform.

Case 4: Suspicious activity in Starlay Finance

In February 2024, Starlay Finance faced a serious security breach impacting its liquidity pool on the Acala Network. This incident led to unauthorized withdrawals, sparking significant concern within the crypto community.

The lending platform attributed the breach to “abnormal behavior” in its liquidity index.

However, following the exploit, a crypto analyst using the X handle @McBiblets raised concerns regarding the Starlay Finance development team.

In the X thread, McBiblets was particularly concerned with two individuals, “David” and “Kevin.” The analyst uncovered unusual patterns in their activities and contributions to the project’s GitHub.

According to them, David, using the alias Wolfwarrier14, and Kevin, identified as devstar, appeared to share connections with other GitHub accounts like silverstargh and TopDevBeast53.

As such, McBiblets concluded that those similarities, coupled with the Treasury Department’s warnings about DPRK-affiliated workers, suggested the Starlay Finance job may have been a coordinated effort by a small group of North Korean-linked infiltrators to exploit the crypto project.

Implications for the blockchain and web3 sector

The seeming proliferation of suspected DPRK agents in key jobs poses significant risks to the blockchain and web3 sector. These risks are not just financial but also involve potential data breaches, intellectual property theft, and sabotage. 

For instance, operatives could potentially implant malicious code within blockchain projects, compromising the security and functionality of entire networks.

Crypto companies now face the challenge of rebuilding trust and credibility in their hiring processes. The financial implications are also severe, with projects potentially losing millions to fraudulent activities. 

Furthermore, the U.S. government has indicated that funds funneled through these operations often end up supporting North Korea’s nuclear ambitions, further complicating the geopolitical landscape.

For that reason, the community must prioritize stringent vetting processes and better security measures to safeguard against such deceptive job-hunting tactics. 

It is important for there to be enhanced vigilance and collaboration across the sector to thwart these malicious activities and protect the integrity of the burgeoning blockchain and crypto ecosystem.






Binance Alerts Users To Malware Risks in Crypto Withdrawals



Binance crypto exchange has issued a warning about an ongoing malware threat that manipulates cryptocurrency withdrawal addresses, posing significant financial risks to users. The exchange has observed an increase in such malicious activities, prompting a robust response to safeguard user transactions.

Binance Issues Alert on Malware Threats to Crypto Wallets

In a recent blog post, Binance detailed how the malware known as “Clipper” is affecting the crypto community. This malware intercepts and alters clipboard data to change cryptocurrency addresses copied by users during transactions. 

As a result, funds intended for legitimate recipients are misdirected to addresses controlled by attackers. The security team at Binance has enhanced monitoring to detect and prevent these alterations.


Furthermore, the company has committed to educating its users about recognizing and mitigating such threats. The exchange emphasizes the importance of verifying the authenticity of wallet addresses before executing transactions. It advises double-checking addresses manually and avoiding the use of clipboard for transactions when possible.

Enhanced Security Measures and User Guidance

In addition, Binance has implemented several security measures in response to the rising threat from malicious software. One primary strategy is the blacklisting of suspicious addresses identified as part of the scam. This preventive measure has thwarted numerous transactions that would have resulted in unauthorized withdrawals.

The cryptocurrency exchange is also actively engaging with its user base, issuing notifications to those potentially affected by such malware. The exchange platform encourages users to report any suspicious activity immediately, enabling the security team to take swift action. 

Moreover, the exchange recommends that users install and maintain reputable security software, which can provide an additional layer of defense by detecting and removing malware.

Preventative Strategies to Combat Crypto Scams

To combat the threat of this crypto scam, Binance advocates a proactive approach to online security. Users are urged to verify the sources of any downloadable apps or plugins, sticking to official and reputable outlets. Regular updates to security software can also help protect against the latest threats.

Moreover, this week, the American division of the crypto exchange, BinanceUS, partnered with digital asset custody firm Fireblocks. This collaboration aims to improve the security of customer assets against crypto scams using sophisticated wallet technologies.

Similarly, to combat crypto scams, the Commodity Futures Trading Commission (CFTC) launched educational collaborations with both federal and private entities to inform the public about prevalent scams, such as “pig butchering” and other deceptive schemes. 


Ronny Mugendi

Ronny Mugendi is a seasoned crypto journalist with four years of professional experience, having contributed significantly to various media outlets on cryptocurrency trends and technologies. His work includes notable contributions to Cryptopolitan and Coingape News Media, where he shares his insights on the latest developments in the cryptocurrency market. Outside of his journalism career, Ronny enjoys the thrill of bike riding, exploring new trails and landscapes.

Disclaimer: The presented content may include the personal opinion of the author and is subject to market condition. Do your market research before investing in cryptocurrencies. The author or the publication does not hold any responsibility for your personal financial loss.






Americans lost over $5.6b in crypto scams in 2023, FBI says




Crypto-related scams and fraud surged last year, with losses skyrocketing 45% in 2023 compared to the previous year, according to a new FBI report.

As crypto gains popularity in the United States, it also brings a rise in crypto scams. According to an FBI report released Sept. 9, the total losses to these scams exceeded $5.6 billion in 2023.

In 2023, the FBI Internet Crime Complaint Center received more than 69,000 complaints from the public regarding financial fraud involving cryptocurrencies, like Bitcoin (BTC), Ethereum (ETH), or Tether (USDT).

Investment scams were the most costly, accounting for 71% of the total losses, or about $3.96 billion. Call center fraud and government impersonation scams followed, contributing to 10% of the losses.

The most vulnerable demographic appears to be individuals over 60, who reported the highest number of complaints. According to the FBI, their collective losses surpassed $1.6 billion.

Different types of crypto scams 

Scammers often establish trust through dating apps or social media before luring victims into fraudulent cryptocurrency investments. Some of the scams highlighted by the FBI include investment scams, lottery scams, romance scams, credit card fraud, extortion, and ransomware.

Some of these scams, such as romance scams, often dubbed pig butchering scams, involve fraudsters befriending victims under the pretense of a potential love interest.

Victims may be allowed to withdraw small sums to build credibility, but they eventually find themselves duped into larger losses. In some cases, fraudulent recovery services that promise to retrieve their stolen funds further exploit the victims.

The FBI urged the public to exercise extreme caution when approached with investment opportunities by individuals they have only met online, emphasizing that anyone can be a target.




Are Bitcoin ATMs A Hidden Threat To Cryptocurrency Security?



The Bitcoin ATM has gained significant popularity recently, especially with the growing adoption of digital assets globally. However, with its rising popularity, concerns are also increasing over its potential impact on crypto security. A recent US FTC report highlights the surge in scams and vulnerabilities, sparking concerns for the users.

Bitcoin ATMs And Their Impact On Crypto Security

The Federal Trade Commission (FTC) has flagged BTC ATMs as a major tool for scammers. According to a recent FTC report, fraudsters are increasingly using these machines to trick people into depositing cash directly into their crypto wallets.

Typically, scammers impersonate officials, warn victims about supposed financial threats, and advise them to deposit money into the payment instrument to “protect” their funds. However, in turn, these funds go straight to the scammer’s wallet, with no chance of recovery.

Meanwhile, the FTC’s data shows a staggering rise in reported losses, with over $110 million lost to Bitcoin ATM scams since 2020. In just the first six months of 2024, losses surpassed $65 million, affecting consumers of all ages.

The median loss reported was $10,000, with older adults over 60 being particularly vulnerable. These scams often involve government impersonation, business fraud, or fake tech support, exploiting victims’ fears to gain access to their money.

To protect against these schemes, the FTC advises users never to respond to unexpected messages, to avoid withdrawing cash in response to unsolicited calls, and to verify any suspicious claims independently. The report said that real businesses and government agencies will never demand payments through this BTC payment option, making it crucial for consumers to recognize and avoid these deceptive tactics.

Meanwhile, last month, German authorities targeted unauthorized crypto ATMs, seizing 13 machines from 35 various locations and impounding a staggering $28 million in cash. This enforcement action highlights the country’s efforts to regulate the use of cryptocurrency ATMs and prevent illicit activities.

Why Are Crypto Hackers Targeting The BTC Payment Option?

Beyond scams, Bitcoin ATMs also pose significant cybersecurity risks. Experts warn that these machines are especially vulnerable to both physical and digital attacks. Unlike traditional ATMs, these alternatives are prime targets for hackers due to the high value of cryptocurrencies.

A recent CNBC report cites Timothy Bates, a cybersecurity professor, who points out that malware attacks on these machines can capture private keys, steal funds, or manipulate transactions. Many of these crypto ATMs also suffer from outdated software and lack regular security patches, increasing their susceptibility to cyber threats.

In addition, another concern with these ATMs is network vulnerabilities. If the machine’s network is unsecured, hackers can intercept data transfers, leading to unauthorized access or data theft. Joe Dobson, an analyst at Mandiant, highlights that Bitcoin’s decentralized nature, while a strength, also means there’s no governing body overseeing the ATMs. This lack of oversight opens the door for independent operators, some of whom may neglect essential security protocols.

Meanwhile, Bitcoin ATMs often require personal identification, such as Social Security numbers, for compliance with Know Your Customer (KYC) regulations. If compromised, this sensitive information could fall into the wrong hands, putting users at risk.


Rupam Roy

Rupam, a seasoned professional with 3 years in the financial market, has honed his skills as a meticulous research analyst and insightful journalist. He finds joy in exploring the dynamic nuances of the financial landscape. Currently working as a sub-editor at Coingape, Rupam’s expertise goes beyond conventional boundaries. His contributions encompass breaking stories, delving into AI-related developments, providing real-time crypto market updates, and presenting insightful economic news. Rupam’s journey is marked by a passion for unraveling the intricacies of finance and delivering impactful stories that resonate with a diverse audience.





