Close Menu
ApeWatcher News
  • Home
  • Advertise
  • Headlines
  • Crypto
    • News
    • Bitcoin
    • Ethereum
    • Altcoin
    • View All
  • DeFi
  • NFT
  • Metaverse
  • Guides
  • Rates
  • Videos
  • Listing Platform
  • BSC
  • ETH
  • Listing Platform
  • BSC
  • ETH
What's Hot

XRP Price Analysis: V-Shaped Rebound Sets Target at $3.40

May 18, 2025

Trump’s ‘Big, Beautiful Bill’ Could Push Millions to Crypto

May 18, 2025

Retired artist loses $2M in crypto to Coinbase impersonator

May 18, 2025
X (Twitter) Telegram
  • Listing Platform
  • Home
  • BSC
  • ETH
Advertise
X (Twitter) Telegram
ApeWatcher News
  • Headlines
  • Crypto
    1. News
    2. Bitcoin
    3. Ethereum
    4. Altcoin
    5. View All

    XRP Price Analysis: V-Shaped Rebound Sets Target at $3.40

    May 18, 2025

    Trump’s ‘Big, Beautiful Bill’ Could Push Millions to Crypto

    May 18, 2025

    Retired artist loses $2M in crypto to Coinbase impersonator

    May 18, 2025

    Dogecoin (DOGE) Price Analysis: Whales Accumulate 1 Billion Tokens

    May 18, 2025

    Shares of Chinese Apparel Firm in Choppy Trading After Announcing $800,000,000 Bitcoin and Crypto Investment Strategy

    May 17, 2025

    A Dozen New Defendants Charged in Alleged RICO Conspiracy Tied to $263,000,000 Crypto Theft

    May 17, 2025

    A Bitcoiner’s guide to South Africa’s Garden Route

    May 17, 2025

    Bitcoin to $250K in 2025 ‘totally possible’ — crypto analyst Scott Melker

    May 17, 2025

    Bitcoin breaks out while Coinbase breaks down: Finance Redefined

    May 16, 2025

    51% attack on Ethereum more difficult than on Bitcoin — Justin Drake

    May 16, 2025

    Starknet hits ‘Stage 1’ decentralization, tops ZK-rollups for value locked

    May 16, 2025

    Ethereum Building Up Momentum Before a Massive Breakout, Predicts Michaël van de Poppe – Here Are His Targets

    May 15, 2025

    Altcoins are on the verge of ‘most powerful rally’ since 2017 — Analyst

    May 16, 2025

    XRP price path to $3.40 remains intact — Here is why

    May 16, 2025

    Judge’s settlement rejection has no effect on legal victory

    May 16, 2025

    The emergence of Sonic and what it means for DeFi: Report

    May 16, 2025

    XRP Price Analysis: V-Shaped Rebound Sets Target at $3.40

    May 18, 2025

    Trump’s ‘Big, Beautiful Bill’ Could Push Millions to Crypto

    May 18, 2025

    Retired artist loses $2M in crypto to Coinbase impersonator

    May 18, 2025

    Dogecoin (DOGE) Price Analysis: Whales Accumulate 1 Billion Tokens

    May 18, 2025
  • DeFi
  • NFT
  • Metaverse
  • Guides
  • Videos

    3 Crypto Coins Getting Ready to EXPLODE! “This Will Shock People”

    May 17, 2025

    Bessent Revealed ALL: Trump's Crypto Plans & Trade Deals!

    May 17, 2025

    SOLANA WILL PUMP ON THIS DATE ($5 BILLION FTX PAYOUT)

    May 17, 2025

    It Started: Bitcoin About To Go INSANE

    May 16, 2025

    Coinbase SEC Probe: 100M Users? Is This the New SBF?

    May 16, 2025
ApeWatcher News
Home » North Korean hackers target crypto devs with fake recruitment tests
North Korean hackers target crypto devs with fake recruitment tests
News

North Korean hackers target crypto devs with fake recruitment tests

Coin TelegraphBy Coin TelegraphApril 17, 20250 ViewsNo Comments
Share
Facebook Twitter LinkedIn Pinterest Email

North Korean hackers linked to the $1.4 billion Bybit exploit are reportedly targeting crypto developers using fake recruitment tests infected with malware. 

Cybersecurity outlet The Hacker News reported that crypto developers have received coding assignments from malicious actors posing as recruiters. The coding challenges have reportedly been used to deliver malware to unsuspecting developers.

Malicious actors approach crypto developers on LinkedIn and tell them about fraudulent career opportunities. Once they convince the developer, the hackers send a malicious document containing the details of a coding challenge on GitHub. If opened, the file installs stealer malware capable of compromising the victim’s system.

The scam is reportedly run by a North Korean hacking group known as Slow Pisces, also referred to as Jade Sleet, Pukchong, TraderTraitor and UNC4899. 

Cybersecurity professionals warn of fraudulent job offers 

Hakan Unal, senior security operations center lead at security firm Cyvers, told Cointelegraph that the hackers often want to steal developer credentials and access codes. He said these actors often look for cloud configurations, SSH keys, iCloud Keychain, system and app metadata, and wallet access. 

Luis Lubeck, service project manager at security firm Hacken, told Cointelegraph that they also try to access API keys or production infrastructure. 

Lubeck said that the main platform used by these malicious actors is LinkedIn. However, the Hacken team observed hackers using freelance marketplaces like Upwork and Fiverr as well.

“Threat actors pose as clients or hiring managers offering well-paid contracts or tests, particularly in the DeFi or security space, which feels credible to devs,” Lubeck added. 

Hayato Shigekawa, principal solutions architect at Chainalysis, told Cointelegraph that the hackers often create “credible-looking” employee profiles on professional networking websites and match them with resumes that reflect their fake positions. 

They make all this effort to ultimately gain access to the Web3 company that employs their targeted developer. “After gaining access to the company, the hackers identify vulnerabilities, which ultimately can lead to exploits,” Shigekawa added. 

Related: Ethical hacker intercepts $2.6M in Morpho Labs exploit

Be wary of unsolicited developer gigs

Hacken’s onchain security researcher Yehor Rudytsia noted that attackers are becoming more creative, imitating bad traders to clean funds and utilizing psychological and technical attack vectors to exploit security gaps. 

“This makes developer education and operational hygiene just as important as code audits or smart contract protections,” Rudytsia told Cointelegraph. 

Unal told Cointelegraph that some of the best practices developers can adapt to avoid falling victim to such attacks include using virtual machines and sandboxes for testing, verifying job offers independently and not running code from strangers. 

The security professional added that crypto developers must avoid installing unverified packages and use good endpoint protection. 

Meanwhile, Lubeck recommended reaching out to official channels to verify recruiter identities. He also suggested avoiding storing secrets in plain text format.

“Be extra cautious with ‘too-good-to-be-true’ gigs, especially unsolicited ones,” Lubeck added. 

Magazine: Your AI ‘digital twin’ can take meetings and comfort your loved ones

Read the full article here

Follow us on Google News to get the latest Updates

 
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related Posts

XRP Price Analysis: V-Shaped Rebound Sets Target at $3.40

May 18, 2025

Trump’s ‘Big, Beautiful Bill’ Could Push Millions to Crypto

May 18, 2025

Retired artist loses $2M in crypto to Coinbase impersonator

May 18, 2025

Dogecoin (DOGE) Price Analysis: Whales Accumulate 1 Billion Tokens

May 18, 2025

US Stock Market Looks More Favorable Now Than Pre-Trade War, According to Fundstrat’s Tom Lee – Here’s Why

May 18, 2025

BNB Price Analysis: Trades in Tight Range Amid Decreasing Volatility

May 18, 2025
Add A Comment
Leave A Reply Cancel Reply

Top Articles

XRP Price Analysis: V-Shaped Rebound Sets Target at $3.40

May 18, 2025

Trump’s ‘Big, Beautiful Bill’ Could Push Millions to Crypto

May 18, 2025

Retired artist loses $2M in crypto to Coinbase impersonator

May 18, 2025
ApeWatcher News
X (Twitter) Telegram
  • Privacy Policy
  • Sources
  • Terms and Conditions
  • Contact
  • Advertise
© 2025 Ape Watcher News

Type above and press Enter to search. Press Esc to cancel.