SEAL Exposes North Korean Plan to Breach Crypto Companies

Crypto News Exploits

SEAL Exposes North Korean Plot to Infiltrate Crypto Companies

Written by Aaron S.,

Editor-In-Chief

Last Updated: September 18, 2025

Key Takeaways

SEAL identified 60 fake IT profiles linked to North Korea aiming to access crypto firms through fraudulent remote job applications;
These impostors used fake names, credentials, and locations to get hired and potentially reach sensitive user and company data;
Changpeng Zhao warned firms to screen applicants, train staff on file safety, and stay alert for suspicious messages or bribery attempts.

Stop overpaying - start transferring money with Ogvio. Sign up, invite friends & grab Rewards now! 🎁

SEAL Exposes North Korean Plot to Infiltrate Crypto Companies

BITDEGREE IN YOUR SOCIAL FEED

A group of ethical hackers, known as the Security Alliance (SEAL), has uncovered a network of individuals posing as IT professionals to gain unauthorized access to cryptocurrency companies.

According to their findings, at least 60 fake profiles connected to North Korean actors were created with the intent of securing remote work in crypto-related businesses.

These individuals used false names, fake credentials, and forged personal details to secure jobs that could expose user data or internal systems.

What is Terra Luna? History & Crash Explained (ANIMATED)

Did you know?

Want to get smarter & wealthier with crypto?

Subscribe - We publish new crypto explainer videos every week!

The group shared a public database that includes details such as email addresses, fabricated identities, supposed locations, citizenship claims, and even past employers that unknowingly hired these impostors.

The repository also includes information about their coding activity, payment history, and other publicly available links tied to each false identity.

Changpeng Zhao, co-founder of Binance $10.24B , warned that these tactics are part of a plan by North Korean hackers to infiltrate companies.

He explained that the attackers do not only pretend to be job seekers. In some cases, they pose as employers to interview real staff. During these fake interviews, they may send malicious files disguised as software updates.

According to him, some attackers send fake code samples containing harmful scripts, while others pose as regular users contacting support teams to send dangerous links. In certain cases, employees or contractors are approached with offers of money in return for access to sensitive company information.

Zhao recommended that companies improve their hiring checks, train staff not to open unknown files, and be careful when dealing with unexpected messages, especially those involving links or attachments.

Recently, Anthropic warned that hackers are using Claude to carry out online crimes. What did the company say? Read the full story.