Original Author: Liam Kelly, DL News
Original Translation: GaryMa Wu Says Blockchain
Summary
Fake applicants are testing the cryptocurrency industry's acceptance of anonymity.
The United Nations reports that 4,000 North Koreans have attempted to infiltrate the tech industry through job acquisition.
An expert states, "This is a silent war."
Recruiting in the cryptocurrency industry has never been an easy task.
Finding skilled developers is challenging, and managing remote workers across multiple time zones is also difficult.
Now, recruiting in cryptocurrency has become even harder.
A DL News investigation found that fake applicants are flooding job boards with forged resumes.
Moreover, there is increasing evidence that many of these fake applicants appear to be North Korean nationals attempting to infiltrate cryptocurrency projects for malicious purposes, including collecting sensitive data, hacking, and stealing assets.
Shaun Potts, founder of the cryptocurrency-focused recruitment firm Plexus, told DL News: "This is an operational risk for the industry; it’s a persistent phenomenon, just like hacking exists in the tech industry. You can't stop it, but you can try to mitigate the risks."
Hidden Identities
According to the United Nations Security Council, over 4,000 North Koreans have been instructed to conceal their identities in an attempt to enter the Western tech industry, including the cryptocurrency sector.
In a recent 615-page report, the Security Council stated that North Korean hackers have stolen $3 billion worth of cryptocurrency assets in 58 suspected cyber theft cases over the past seven years.
While it is unclear how many of these thefts were achieved through fake employees, experts are concerned that this trend is just beginning.
"They are illegally selling resources, IT jobs, labor, and hacking skills."
— Taylor Monahan, MetaMask
Because this is big business. The United Nations states that fake recruitment schemes can earn North Korea up to $600 million annually.
Taylor Monahan, chief security researcher at MetaMask, told DL News: "The resources they can sell to China are very limited, so they generate revenue through illegal sales of resources, IT jobs, labor, and hacking skills."
New Challenges
This development poses a new challenge for an industry moving towards the mainstream. With the launch of Bitcoin ETFs, Wall Street has embraced cryptocurrency as an asset class. Revenues for DeFi stalwarts like Solana and Aave are steadily increasing, and businesses are expanding.
As the industry scales up and the demand for new employees surges, the last thing the cryptocurrency sector needs is a flood of fake applicants.
The top ten cryptocurrency exchanges, including Coinbase and Binance, posted over 1,200 new positions just in May. Layoffs are also slowing down.
According to data from Layoffs.fyi, the number of unemployed in the cryptocurrency industry in the first quarter of this year has significantly decreased compared to the same period last year.
"They just added some new positions in LinkedIn searches to appear different."
— Karolis Kundrotas, Durlston Partners
Zak Cole, co-founder of the cryptocurrency venture studio Number Group, told DL News: "Everyone I know is either working on another project or has no free time. How do we bring in new talent?"
The answer is—expand the search.
AI Search
Cole and his co-founders did not turn to formal recruitment agencies but instead used an AI tool called Applicant AI to screen candidates. This tool uses AI to flag keywords in resumes that meet their criteria.
The results have been mixed. During a video interview with Number Group, a candidate claiming to be a native Dutch speaker hung up when asked to communicate in that language.
Another candidate's GitHub profile—programmers' LinkedIn—was created just a month ago, yet they applied for a senior developer position.
On another resume, a candidate applying for a remote position listed a state prison in Texas as their home address.
When asked if they actually lived in the prison, the candidate replied, "Yes."
Cole's biggest concern is ensuring that candidates are who they say they are.
He noted a pattern while screening candidates and scheduling interviews: many refused to turn on their cameras.
Video Calls
Typically, what they say in interviews contradicts what is written on their resumes. In other words, they are lying.
"They all have the same script," Cole said. He noted that if they appear on camera, the background is often blurred, and they are calling from a room with other people.
Karolis Kundrotas, a cryptocurrency industry consultant at Durlston Partners, stated that many applicants are copying real LinkedIn profiles.
"The experiences are identical, and the educational backgrounds match those of real individuals," he said. "They just add some new positions to make it appear different in LinkedIn searches."
Kundrotas emphasized that video calls are also crucial because you can see if the other person quickly reads additional information before answering.
In a video call shared with DL News, one candidate did just that.
The candidate claimed to have in-depth knowledge of non-fungible tokens (NFTs) and crypto gaming but had never heard of "Axie Infinity," one of the largest and most well-known games in the industry.
This is clearly a huge red flag.
Avoiding Background Checks
In addition to wasting a lot of time, these fake applicants also undermine a key pillar of cryptocurrency's core philosophy.
Anonymity and pseudonymity are important values in cryptocurrency. Project teams tend to avoid background checks and work at the speed of startups, making them prime targets for illegal recruitment schemes.
For this reason, Potts stated that 95% of his clients have stopped hiring pseudonymous developers.
Monahan from MetaMask said, "People underestimate the low barrier to entry in cryptocurrency. In reality, it’s not uncommon for random projects to hire someone to do some work and then quickly promote them."
This may be exactly what North Korean infiltrators are counting on.
Monthly Salaries of $60,000
Some secret North Korean cryptocurrency employees earn up to $60,000 a month and hold multiple full-time and freelance positions.
High earners can keep 30% of their income, with the rest going to the authorities in Pyongyang, according to the UN report.
Given North Korea's extreme poverty, these amounts are enormous for individuals.
This is why startups must remain vigilant.
Monahan said, "As long as this is effective, they will continue to post jobs on recruitment forums, create resumes, and attack cryptocurrency companies and projects."
Their work also has a geopolitical angle.
Erin Plante, vice president of investigations at Chainalysis, stated that there is evidence that North Korea partially funds its nuclear weapons program through hacking cryptocurrency websites. According to data from blockchain analysis firm Elliptic, North Korea's hacking group Lazarus Group stole $540 million in 2022 by attacking the Ronin Bridge.
In 2019, the U.S. Treasury Department's Office of Foreign Assets Control sanctioned Lazarus.
If North Korea is using fake applicants as part of this scheme, it would be a significant issue, said Adam Zarzinski, CEO of blockchain analysis firm Inca Digital.
Zarzinski, a former U.S. Air Force judge, told DL News: "This is a silent war."
免责声明:本文章仅代表作者个人观点,不代表本平台的立场和观点。本文章仅供信息分享,不构成对任何人的任何投资建议。用户与作者之间的任何争议,与本平台无关。如网页中刊载的文章或图片涉及侵权,请提供相关的权利证明和身份证明发送邮件到support@aicoin.com,本平台相关工作人员将会进行核查。
