Blockchain sleuth ZachXBT unveils North Korea’s secret crypto empire

  • ZachXBT uncovered a North Korean crypto network with $300K-$500K monthly earnings.
  • Investigation revealed complex laundering schemes and connections to OFAC-sanctioned individuals.

As a seasoned analyst with over two decades of experience in cybersecurity and blockchain investigations, I find ZachXBT’s recent discovery to be both alarming and fascinating. The unraveling of this North Korean crypto network is a testament to the intricate web of financial activities that are often hidden from plain sight.


Recently, blockchain expert ZachXBT discovered a highly organized team of North Korean programmers during his investigation.

These developers, who work on crypto projects, are suspected of earning $300,000-$500,000 monthly.

North Korea crypto scam uncovered

Based on information he revealed on the 15th of August, it is probable that a single entity in Asia, possibly in North Korea, runs this network.

The group consists of 21 developers working on over 25 crypto projects, revealing significant hidden influence in the global crypto industry.

Providing further insights on the matter, ZachXBT added:

Without the team’s knowledge, they had employed several IT workers from the Democratic People’s Republic of Korea, disguising themselves as developers with false identities. Subsequently, I discovered over twenty-five cryptocurrency development projects involving these developers, which have been in operation since June 2024.

The process involved in the fraud

ZachXBT verified that the money laundering operation moved $1.3 million from a theft address, transferring it cross-chain from Solana [SOL] to Ethereum [ETH]. It subsequently deposited 50.2 ETH into Tornado Cash, and later distributed 16.5 ETH to two different exchanges.

ZachXBT traced the payment wallets used by the 21 developers and found a cluster of recent transactions adding up to around $375,000 within the last month, exposing a complex system of financial manipulations.

Who was involved?

As a researcher delving into the subject at hand, let me clarify that prior to the recent financial activities under scrutiny, a substantial sum of $5.5 million was transferred to an exchange account. Remarkably, this account had been receiving payments attributed to DPRK IT professionals from July 2023 through 2024.

The investigation revealed connections to Sim Hyon Sop, an individual currently sanctioned by the Office of Foreign Assets Control (OFAC).

Furthermore, it was discovered that multiple payment addresses connected to these developers shared links with Sang Man Kim, an individual under U.S. sanctions for his role in cyber activities related to North Korea.

It’s alleged that Kim has been overseeing the financial aspects of North Korean cyber operations, while also helping DPRK groups purchase technology in both China and Russia.

Furthermore, these recruitment agencies also hired some recognized developers. Occasionally, these developers would recommend each other for job openings.

“Many skilled developers have been sought after by seasoned teams in the cryptosphere, myself included. It’s important to remember that their past contributions shouldn’t be solely attributed to them, as they were part of a collaborative effort.”

There’s more to it…

The conversation took an unexpected twist when Naoki Murano, a North Korean tech worker uncovered by ZachXBT’s investigation, suddenly exited the chat and erased his GitHub profile due to the revelation.

Murano acted quickly, indicating that he was concerned about being associated with the network and wanted to reduce his online footprint.

2024-08-16 19:01