Cointelegraph reports that security experts say cryptocurrency companies must strengthen their defenses to address the threat of North Korean hackers infiltrating large Web3 firms through job applications and executing large-scale attacks.

Hiring North Korean developers may expose crypto projects to the risk of hacking and data breaches. For instance, in May of this year, a data breach at Coinbase revealed the wallet balances and actual locations of about 1% of its monthly active users, potentially exposing the exchange to compensation risks of up to $400 million.

According to crypto security experts interviewed by Cointelegraph, the industry needs to adopt higher standards for wallet management, real-time AI monitoring to proactively prevent attacks, and enhance employee vetting processes.

Yehor Rudytsia, head of forensics and incident response at blockchain security firm Hacken, pointed out that "institutions must take the risk of North Korean IT professionals very seriously" and need to conduct "comprehensive background checks and strict role permission management."

Rudytsia told Cointelegraph that crypto companies should also adhere to the CCSS (Cryptocurrency Security Standard, which includes dual control, audit trails, and authentication) for wallet operations. "Additionally, there should be enhanced logging, monitoring of unusual activities, and regular reviews of cloud settings. The key is continuous validation and monitoring, not just trust."

Dual wallet control is a multi-signature wallet that requires multiple key holders to jointly sign off to confirm a transaction.

While most North Korean developers are not hackers, their salaries provide funding for the North Korean government, which has become one of the major cybercrime threats in the crypto industry.

A week ago, Binance co-founder Changpeng Zhao (CZ) issued a warning, pointing out that North Korean hackers are infiltrating crypto companies through job applications and bribery, and the threat is escalating. Relevant data shows that at least 60 North Korean agents are disguising themselves as IT professionals, seeking jobs in the U.S. under false names.

His warning stems from the ethical hacking organization Security Alliance (SEAL) releasing profiles of at least 60 North Korean agents posing as IT professionals seeking jobs in the U.S.

The database includes key information about North Korean impersonators, including aliases, false names, email addresses, related websites, real and false nationalities, addresses, locations, and the number of companies that have employed them.

Experts recommend that companies adopt artificial intelligence to implement real-time threat detection.

According to Deddy Lavid, co-founder and CEO of blockchain security firm Cyvers, in an interview with Cointelegraph, "North Korean IT professionals are infiltrating crypto companies, gaining internal access, and then transferring stolen funds or stealing data." He added:

Lavid stated that applying AI anomaly detection during the hiring process, combined with on-chain and off-chain data, can further enhance corporate security.

In June of this year, four North Korean operatives infiltrated multiple crypto companies as freelance developers, stealing a total of $900,000, further highlighting the escalation of this threat.

Related: Crypto Executives: Stablecoins Need Consumer Protection to Replace Existing Payment Giants

Original article: “The Crypto Industry Needs Dual Wallet Management and AI Monitoring to Guard Against North Korean Hackers”

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。