Investigator 'ZachXBT' revealed leaked documents showing the involvement of North Korean IT employees using more than 30 fake identities across platforms like 'Upwork' and 'LinkedIn' to infiltrate cryptocurrency development projects.
The leaked data included timelines, weekly reports, and expenses related to the purchase of accounts and phone numbers, as well as VPN services, along with evidence of using software like 'AnyDesk' to convert earned funds into digital currencies via 'Payoneer'.
One wallet (0x78e1) was also linked to a $680,000 hack of the 'Favrr' platform in June 2025.
Investigator 'ZachXBT' indicated that the capabilities of these employees are not advanced, but their danger lies in their persistence and the frequency of attempts.
This comes as part of a broader pattern, as the North Korean group 'Lazarus' has been linked to major operations, including the hacking of 'Bybit' and the theft of $1.5 billion in February 2025, followed by an attack on the Indian 'CoinDCX' worth $44 million in July.
#HackedOrExploited #HackerAlert #BinanceHerYerde #BinanceExplorers #BinanceArabia