April 04, 2025
11 11 11 AM
Latest Post
Not a Meme! DePIN Can Take Crypto Mainstream TON’s Dramatic Volatility Signals Market Uncertainty Crypto-Friendly Prime Broker Hidden Road in Active Takeover Talks: Sources Illinois to Drop Staking Lawsuit Against Coinbase Dogecoin Volatility Surge: From Stability to Dramatic Decline Luxor’s Aaron Forster on Bitcoin Mining’s Growing Sophistication Investment Firm Republic to Acquire Crypto Trader INX Digital for Up to $60M WisdomTree Expands Institutional Tokenized Fund Platform to Arbitrum, Avalanche, Base and Optimism USDC Navigates Global Market Stress With Minimal Volatility Bitcoin Nears $80K but ‘Turning Point’ in Sight, Suggests Analyst

Google Warns Solana Projects That North Koreans Are Increasingly Targeting European Projects

North Korean “IT workers” are increasing illicit cyber activity across Europe with an eye on blockchain projects, Google Cloud warned in a Wednesday report.

Projects built on the popular Solana network, including applications and job boards, are getting hit by the rising attacks. Democratic People’s Republic of Korea (DPRK) operatives pose as legit remote workers to infiltrate companies, take over critical systems and steal sensitive data which is likely sold to “generate revenue for the regime.”

The increased threat in Europe is a shift from a U.S.-heavy focus as DPRK-linked entities faced heat from DOJ indictments and tighter hiring scrutiny stateside.

The report reveals that one such worker juggled 12 fake personas across the U.S. and Europe and sought employment by fabricating references, building a rapport with job recruiters, and using additional personas they controlled to vouch for their credibility.

It’s not like the workers lack coding chops either: Workers were found taking projects ranging from token hosting platform using Next.js, React and CosmosSDK, and Golang, and even created an entire Solana-based job marketplace.

More blockchain-related projects involved Anchor and Rust smart contract development. One worker even developed an artificial intelligence (AI) web application using Electron, Next.js, and blockchain applications.

A key culprit may be workplaces that let employees use their own devices.

“(Google Cloud) believes that IT workers have identified BYOD environments as potentially ripe for their schemes, and in January 2025, IT workers are now conducting operations against their employers in these scenarios,” the report said.

“Global expansion, extortion tactics, and the use of virtualized infrastructure all highlight the adaptable strategies employed by DPRK IT workers.”

DPRK entities and hacking groups are one of the biggest threat actors in the crypto ecosystem, stealing an estimated $1.3 billion from projects in 2024 and conducting a $1.5 billion hack on crypto exchange Bybit in February alone.

This post was originally published on this site