ZachXBT Exposes North Korean Dev Network Making Half a Million Dollars Monthly
Key Takeaways ZachXBT uncovered a network of North Korean developers earning up to $500K monthly by infiltrating over 25 crypto projects; The network was exposed after a team lost $1.3M due to malicious code inserted by developers, later identified as North Korean IT workers using fake identities; The investigation linked the network to individuals sanctioned by the US.
ZachXBT, the well-known crypto sleuth, has uncovered a network of North Korean developers earning up to $500,000 monthly through crypto projects.
The investigator shared these findings on X on August 15 , exposing what he believes to be a highly coordinated operation run by a single entity in Asia.
According to ZachXBT, this network employs at least 21 developers who have infiltrated over 25 crypto projects and have stolen millions of dollars from unsuspecting organizations.
The network was discovered when a team sought ZachXBT's help after $1.3 million was stolen from their treasury due to malicious code inserted by developers. The team was unaware they had hired North Korean IT workers using fake identities.
Through his investigation, ZachXBT traced multiple payment addresses linked to these developers. He found that one group of developers had received $375,000 in the last month alone, with total transactions amounting to $5.5 million.
One person connected to these transactions is Sim Hyon Sop, who has been sanctioned by the US Office of Foreign Assets Control (OFAC) for allegedly coordinating financial transfers that support North Korea's weapons programs.
ZachXBT's investigation also linked other payment addresses to another OFAC-sanctioned individual, Sang Man Kim, who is believed to have received $2 million in crypto for selling IT equipment to North Korean teams in China and Russia.
ZachXBT emphasized that several experienced teams had unknowingly hired these North Korean developers. He mentioned an incident where another project realized they had hired a North Korean IT worker, Naoki Murano, listed in his findings. When the project shared ZachXBT's post in their group chat, Murano immediately left the chat and deleted his GitHub account.
The involvement of organizations linked to North Korea in cyberattacks and scams is not new. Among the most notorious groups associated with North Korea is the Lazarus Group, which laundered over $200 million in crypto through more than 25 hacks between 2020 and 2023 .
ZachXBT's findings add to the growing evidence of North Korea's involvement in a complex web of cybercrime within the cryptocurrency industry.
Gode is a mutilingual professional, having studied in multiple universities all across Europe. This allows her to have a one-of-a-kind opportunity to analyze Web3 social sentiments spanning different cultures and languages and, in turn, develop a much deeper understanding of how the Web3 space is growing within different communities. With the rest of her team, Gode works to identify crucial crypto news patterns and provide unbiased and data-driven information.
Gode’s passions include working and communicating with people, and when she’s not researching Web3 news, she spends her time traveling and watching true crime documentaries.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Nayib Bukele meets Elon Musk at Tesla to discuss AI, future of humanity
Crypto Prices Today: Bitcoin Holds Above $62K as Crypto Market Shows Resilience
JASMY Eyes Major Breakout as FET Aims to Reclaim $2 Price Target, Altcoins Reflect BTC’s Bullish Plan
Nayib Bukele meets Elon Musk at Tesla to discuss AI, future of humanity