Home Markets North Korean hackers are flooding the crypto job market with plagiarized resumes

North Korean hackers are flooding the crypto job market with plagiarized resumes


Due to a long-standing embargo on the North Korean regime, local authorities have made headlines countless times for unusual – and often illegal – ways to raise funds.

From hacking regular banks to mining in-game currencies to botting, the methods range from essentially harmless to outright threats to national security.

Crypto markets targeted in force

In recent years, the North Korean regime has set its sights on the crypto market, with multiple attacks on crypto exchanges by the Lazarus Group and others. However, a recent report from Bloomberg and security researchers from Mandiant say that the North Korean government-sponsored hackers are now focusing more on another method of raising money through the crypto market.

Instead of hacking vulnerable crypto exchanges and other projects like Harmonythe Lazarus group now has members posing as IT professionals on LinkedIn and Indeed, appropriating the resumes of legitimate users.

According to Joe Dobson – one of Mendiant’s analysts – these are then edited and sent to companies that hire blockchain developers in hopes of gaining inside information and creating backdoors that would allow later exploitation. the platforms in question.

β€œIt boils down to insider threats. If someone is hired for a crypto project and they become a lead developer, it allows them to influence things, whether for good or not.

Plagiarized resumes

Although CVs are mostly plagiarized, some also contain blatantly false information – such as white papers for exchanges that seem never to have existed, intentionally vague job descriptions, etc. to publish the information.

On Twitter, however, stories of interviewers allegedly being targeted by Lazarus’ latest project have been popping up.

The report says that most suitable CVs cite the skills of Chinese and Russian people, with a smaller number of CVs being copied from developers in Africa and Southeast Asia. These resumes are then used to create several fake job seeker profiles, many of which use nearly identical language to describe their skills.

A smaller group also claimed to be South Korean, Japanese or American remote workers. In any case, almost all of the CVs identified applied for positions in the United States and Europe.

The report advises recruiters to remain vigilant when screening candidates, noting the substantial amount of damage to the business that can be caused by even a small engagement in its internal software systems.


Binance Free $100 (Exclusive): Use this link to sign up and receive $100 free and 10% fee discount on Binance Futures for the first month (terms).

PrimeXBT Special Offer: Use this link to sign up and enter code POTATO50 to receive up to $7,000 on your deposits.


Please enter your comment!
Please enter your name here