The founder of Binance, Changpeng Zhao, has sounded the alarm over the sophisticated methods North Korean hackers are using to infiltrate crypto exchanges and steal digital assets.
In a detailed post on X, Zhao described the hackers as “advanced, creative, and patient,” noting that they often exploit human weaknesses as much as technical flaws.
According to him, the hackers frequently pose as job candidates, applying for roles in development, security, and finance to secure insider access.
They also masquerade as employers, luring unsuspecting exchange employees into fake interviews. In these scenarios, they claim to encounter Zoom issues and send malicious “updates” or “sample code” that secretly installs viruses on victims’ devices.
Bribery and customer support exploits
The Binance founder further revealed that hackers have targeted crypto platforms by posing as users, embedding viruses in links sent through customer support requests.
- Beyond these technical maneuvers, Zhao warned that the groups also bribe employees and outsourced service providers to gain access to sensitive systems.
- He referenced a recent case where a major Indian outsourcing firm was hacked, leading to a breach at a U.S. exchange that resulted in more than $400 million in user asset losses.
- “The list goes on,” Zhao wrote, stressing that crypto companies must carefully screen candidates and train employees not to download unverified files.
With the crypto industry already facing regulatory headwinds and investor scrutiny, Zhao’s warning highlights the pressing need for stronger cyber hygiene across crypto exchanges and service providers.
North Korea’s billion-dollar crypto heists
Zhao’s warning aligns with long-standing assessments by global security agencies, which have accused North Korean-linked hacker groups, particularly the Lazarus Group, of being behind some of the world’s largest crypto heists.
Blockchain analytics firm Chainalysis recently reported that Crypto hacking incidents surged in 2024, with total funds stolen increasing by 21.07% year-over-year to $2.2 billion.
According to the report, North Korea-linked hacking groups were responsible for 61% of the total amount stolen, as they carted away $1.34 billion across 47 incidents.
North Korea’s state-sponsored hacking activities often fund weapons development programs and circumvent international sanctions.
- The report noted an increase in both the frequency and scale of these attacks, with more exploits exceeding $100 million in value.
- The report also uncovered sophisticated tactics employed by North Korean operatives, including the infiltration of crypto and Web3 companies.
- Using false identities, third-party intermediaries, and remote work opportunities, North Korean IT workers compromised networks and operations.
The U.S. Department of Justice recently indicted 14 North Korean nationals accused of working as remote IT contractors at U.S. firms, generating over $88 million by stealing proprietary information and extorting employers.
