{ "id": 49432, "date": "2025-09-26T18:12:41", "date_gmt": "2025-09-26T11:12:41", "guid": { "rendered": "https:\/\/hbbgroup.net\/crypto-needs-dual-wallet-management-ai-monitoring-of-north-korean-hackers\/" }, "modified": "2025-09-26T18:12:41", "modified_gmt": "2025-09-26T11:12:41", "slug": "crypto-needs-dual-wallet-management-ai-monitoring-of-north-korean-hackers", "status": "publish", "type": "post", "link": "https:\/\/hbbgroup.net\/en_us\/crypto-needs-dual-wallet-management-ai-monitoring-of-north-korean-hackers\/", "title": { "rendered": "Crypto needs dual wallet management, AI monitoring of North Korean hackers" }, "content": { "rendered": "
\n

Cryptocurrency companies need to strengthen defenses against North Korean hackers who are seeking jobs at major Web3 businesses to stage large-scale exploits, security experts told Cointelegraph.<\/p>\n

Hiring North Korean developers may open a crypto project\u2019s infrastructure to the threat of hacks and data breaches similar to the Coinbase data breach<\/a> in May, which exposed the wallet balances and physical locations of about 1% of the exchange\u2019s monthly users, potentially costing the exchange up to $400 million in reimbursement expenses.<\/p>\n

To fight this growing threat, the industry needs to adopt enhanced wallet management standards, real-time AI monitoring for the early prevention of exploits and more secure employee vetting practices, crypto security experts told Cointelegraph.<\/p>\n

\u201cOrganizations need to treat the DPRK [Democratic People\u2019s Republic of Korea] IT worker risk seriously,\u201d with \u201cthorough background checks and strict role-based access,\u201d said Yehor Rudytsia, head of forensics and incident response at blockchain cybersecurity company Hacken.<\/p>\n

Crypto companies must also follow \u201cCCSS practices for wallet operations (dual control, audit trails, identity verification),\u201d Rudytsia told Cointelegraph. \u201cOn top of that, keep enhanced logging, monitor for unusual activity, and review cloud setups often. The key is simple: keep verifying, keep monitoring, and don\u2019t rely on trust alone.\u201d<\/p>\n

Dual wallet control is a type of multisignature wallet<\/a>, which requires multiple key holders to sign a transaction for confirmation.<\/p>\n

While most North Korean developers are not hackers, their wages help fund the state, which has become a leading cybercrime threat to the crypto industry.<\/p>\n

Related: <\/strong><\/em>Circle explores \u2018reversible\u2019 USDC transactions in break from crypto ethos<\/strong><\/em><\/a><\/p>\n

A week ago, Binance co-founder Changpeng Zhao sounded the alarm<\/a> on the growing threat of North Korean hackers seeking to infiltrate crypto companies through employment opportunities and bribes.<\/p>\n

Source: Changpeng <\/em>Zhao<\/em><\/a><\/figcaption><\/figure>\n

His warning came after an ethical hacker group called Security Alliance (SEAL) published the profiles of at least 60 North Korean agents posing as IT workers under fake names, seeking US employment.<\/p>\n

The repository contained key information on North Korean impersonators, including aliases, fake names and email used, along with websites, both real and fake citizenships, addresses, locations and the numbers of firms that hired them.<\/p>\n

SEAL team repository of 60 North Korean IT worker impersonators. Source: lazarus.group\/team<\/em><\/figcaption><\/figure>\n

Related: <\/strong><\/em>World Liberty adviser bets millions as corporate treasuries fuel AVAX rally<\/strong><\/em><\/a><\/p>\n

Real-time AI threat monitoring can save crypto companies from data breaches<\/h2>\n

Experts also recommend adopting artificial intelligence for real-time threat detection.<\/p>\n

\u201cNorth Korean IT workers are infiltrating crypto firms to gain insider access and move stolen funds or to steal data,\u201d Deddy Lavid, co-founder and CEO of blockchain cybersecurity company Cyvers, told Cointelegraph, adding:<\/p>\n

\u201cThe Coinbase breach was a warning. Proactive, AI-driven monitoring is how to stop the next one.\u201d<\/p><\/blockquote>\n

Lavid said AI-based anomaly detection in hiring and linking onchain and offchain data could further protect firms.<\/p>\n

In June, four North Korean operatives infiltrated multiple crypto companies as freelance developers, stealing a cumulative $900,000 from these<\/a> startups, illustrating the threat.\u00a0<\/p>\n