The software developer who turned up on the call for an interview with UK verification startup Cheqd a few months ago ticked all the right boxes. Based somewhere in Europe, he knew his stuff, had some experience, and spoke good English.

However, when they returned for the second round of the interview process and a live programming test, their accent had become distinctly more Asian, their internet connection was lagging, and their camera wouldn’t switch on. 

More concerningly, when the team at Cheqd reviewed a recording of their screen during the coding test, they found footage of them switching between tabs and pages with Korean characters.

Fraser Edwards, CEO and founder of Cheqd, told Decrypt that this individual was just one of around five attempts by suspected North Korean operators to join the company that his team had seen over the last year. 

And while attempts by North Korea to infiltrate tech and crypto companies in order to hack them have been ongoing for several years, companies and recruiters are now reporting that the country may be hiring foreigners to pose as fronts to help get them through the early stages of the recruitment process.

“Almost universally, you'd go from someone who would sound European on the first call to someone who would very much sound like they were from somewhere in Asia,” Edwards said.

More than $2.2 billion was stolen from crypto platforms by hackers in 2024, according to Chainalysis, representing a 21% increase over the previous year. Of that 61%, or $1.34 billion, of funds stolen has been attributed to North Korean state actors. 

“It appears that the DPRK’s crypto attacks are becoming more frequent,” the company noted in its annual report. 

“Some of these events appear to be linked to North Korean IT workers, who have been increasingly infiltrating crypto and Web3 companies, and compromising their networks, operations, and integrity.

Those workers often use sophisticated Tactics, Techniques, and Procedures, such as false identities, third-party hiring intermediaries, and manipulating remote work opportunities to gain access.”

A growing concern

Cheqd isn’t alone. North Koreans have attempted—in some cases successfully—to infiltrate multiple crypto companies over the last few years. Earlier this year, crypto exchange Kraken revealed they had been targeted, although the person was caught before a hire was made. 

Recruiter Owen Healey, director of Ireland-based Owen Healey Blockchain Talent, told Decrypt that using predominantly European candidates in the early stages of interviews is a tactic he has only begun to see emerging over the past few months. 



He’s no stranger to dealing with North Koreans trying to secure jobs in crypto; he’s been approached by them numerous times over the past few years and has published extensive advice on LinkedIn on how to identify and weed them out of the recruiting process.

“There are simple hacks,” he said. Among them, he said he tries to engage them in conversations about popular culture or the place where they claim to be living—he notes that a disproportionate number claim to be based in Toronto, Canada.

“The goal, I suppose, is just getting them off-script, and then it becomes pretty obvious that they're not who they say they are,” he said. 

But this new pattern could make that less effective. “That seems to be the next thing that they're targeting, getting proxies in legitimate countries to represent them and then ultimately that work being outsourced to North Korea.” 

He raised concerns about how this could affect companies’ attitudes to remote hiring, and particularly hiring from abroad, and misidentifying genuine applicants as North Korean workers simply because they are based in Asia. 

Recruitment in the age of AI

It comes as technology is making considerable changes in hiring and recruitment. 

One non-crypto recruiter Decrypt spoke to bemoaned increased use of AI leading to a deluge of “AI slop” in the form of unedited AI-generated CVs and cover letters peppered with ChatGPT stock phrases. 

They said their company had seen claims for skills candidates didn’t possess, misrepresentations about language skills, and a general increase in workload as they needed to introduce more stringent verification processes to test the claims of potential hires. 

While in some areas this simply meant qualification checks, trying to prove more specific skills, such as coding or language skills—which require the person doing the hiring to also possess them—are proving difficult. 

Even attempts to test skills are becoming a cat-and-mouse game with the advent of new technology. 

Where Cheqd has been implementing live programming tests to ensure developers possess the skills they claim and aren’t using AI to assist them, in the U.S., a former Columbia University student recently raised $5.3 million for his startup, Cluely, to help people cheat in job interviews, exams, and sales calls. 

A promo video by the company shows the founder, Chungin Lee, using the tech to fake interests and get advice while on a date.

Such tools will undoubtedly help North Korean IT workers bypass “pop culture tests” and other measures companies are trying to employ to identify them, as will the hiring of non-North Koreans to assist them in securing jobs. 

As for Cheqd, it’s now trying to work out how to shore up its recruitment processes. It’s about to hire for a few new roles, and Edwards thinks the process is likely to be more difficult when it comes to identifying fraud and scam attempts than it was previously.

His first port of call has been to rely more on his already existing networks and seek recommendations from people he already knows. 

“We may not even go out to market, which is terrible because if you don't have that network you are kind of screwed [when it comes to finding a job]” he said.

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。