🥷🏻 The Cosmos Developer Turned Out to Be Linked to North Korea
Interchain Labs confirmed that between 2022 and 2024, one of the developers of the Cosmos ecosystem projects was found to be linked to North Korea. This participant, who worked for a third-party contractor before the centralization of development, was stripped of access after control was handed over to Interchain Labs.
The developer, known by the pseudonym cool-develope, had limited access to two repositories: cosmos/IAVL and cosmos/cosmos-sdk. An audit showed that most of his changes did not make it into releases, and no active vulnerabilities were found.
