Security agencies: North Korean agents are found to be infiltrating as many as 15% to 20% of crypto companies.
According to Pablo Sabbatella, a member of the Security Alliance and founder of the Web3 auditing firm Opsek, North Korea's penetration into the crypto industry is "far beyond what anyone imagined." (Odaily Planet Daily)
Pablo Sabbatella stated at the Devconnect conference that North Korean agents infiltrate as many as 15% to 20% of crypto companies. He estimated that 30% to 40% of all job applications received by crypto companies are attempts by North Korean agents to infiltrate these organizations. He warned that if these estimates are accurate, the potential scope of disruption would be staggering.
Sabbatella points out that the scale of North Korean infiltration goes beyond hacking to steal funds (billions of dollars have been stolen over the past three years to fund nuclear weapons programs). It also includes having staff employed by legitimate companies, where they gain access to systems and operate the infrastructure that underpins major crypto companies.
Regarding how they are hired, Sabbatella explained that North Korean workers primarily recruit unsuspecting remote workers around the world to act as "fronts." These recruiters reach out to individuals in Ukraine, the Philippines, and other developing countries through freelance platforms such as Upwork and Freelancer. They offer collaborators a 20% cut of the earnings in exchange for handing over verified account credentials or allowing North Korean agents to use their identities remotely, with the North Korean agents retaining 80%.
Sabbatella stated that many North Korean hackers target the United States, using an American as a "front" and posing as a Chinese person who doesn't speak much English to get an interview. They infect the "front's" computer with malware, gaining a US IP address and access to most of the internet that is inaccessible from North Korea. Once they are hired, companies retain them because they "perform well, work heavy workloads, and never complain."
Sabbatella also stated that the success of North Korea's criminal activities lies not only in clever social engineering but also in inadequate operational security (opsec) at crypto companies and among users themselves. He bluntly stated that the crypto industry "may have the worst opsec in the entire computer industry," with many founders "fully doxxed their information, doing a terrible job of holding private keys securely, and easily becoming victims of social engineering."
