Warning for Crypto Startups: How to Verify Job Candidates

North Korean Hackers

What’s Going On

  • Changpeng “CZ” Zhao, co-founder of Binance, warned of a new scam tactic used by North Korean hackers.

  • A “white hat” hacker group called SEAL (Security Alliance) has found 60 individuals pretending to be IT workers. These are not legitimate candidates but impersonators whose goal is to infiltrate crypto companies.

How the Scam Works

The impersonators use various tricks to try to gain access to company systems and sensitive data. Here are the main methods:

  • Fake Job Applications – They apply for jobs in fields like development, security or finance to get inside the company.

  • Malicious Links / Downloads – During interviews or after contact, they send “updates” or links that install malware on devices.

  • Sample Code Trap – They might ask for code samples, then use those to inject harmful code or to expose weaknesses.

  • Bribery & Vendor Compromise – They may try to bribe employees or vendors to gain unauthorized access or internal information.

Why This Is Important for the Crypto Industry

  • These fake IT workers pose a serious risk because they try to get a “foot in the door” via employment. Once they are inside, the damage can be large.

  • SEAL has published a repository detailing aliases, fake identities, emails, GitHub profiles, and other info for these impersonators. This helps firms detect suspicious candidates.

  • The threat is not hypothetical. In June, a few of these operatives actually got into crypto startups as freelance developers and stole about US$900,000 in total.

  • North Korean hacking activity has been growing: over US$1.34 billion in digital assets was stolen across 47 incidents in 2024, roughly double the amount from 2023.

What Beginners Should Understand

If you’re new to crypto or working at a crypto company, these are useful lessons:

  • Be careful with job candidates: check identities, verify credentials, and don’t rely only on remote interviews.

  • Avoid downloading unknown files or code from untrusted sources. Even “sample code” can hide malicious parts.

  • Train your staff about common tricks (phishing, fake links, malware disguised as updates).

  • Use proper vetting of outsourced vendors, freelancers, and employees.

  • Monitor for suspicious behavior such as requests for unexpected access, unusual file transfers or attempts to bribe or coerce.
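
One way a hiring team could check applicant details against a published list of impersonator emails, GitHub profiles and aliases, such as the repository SEAL released. This is an added example, not code from SEAL or from the original article. The indicator values, the flat data layout and all function names are constructed for illustration, since the page does not describe the repository's format.

```python
import re

# Constructed sample indicators; the real repository's file format is not
# described on the page, so this flat structure is an assumption.
INDICATORS = {
    "emails": ["Dev.Sample+jobs@gmail.com", "k.example@proton.me"],
    "github": ["https://github.com/Sample-Dev01/", "@ghost-coder-x"],
    "aliases": ["Alex  Example", "Jordan Sample"],
}

def norm_email(value):
    """Lowercase; drop +tags; drop dots for Gmail, which ignores them."""
    local, _, domain = value.strip().lower().partition("@")
    local = local.split("+", 1)[0]
    if domain in ("gmail.com", "googlemail.com"):
        local, domain = local.replace(".", ""), "gmail.com"
    return f"{local}@{domain}"

def norm_github(value):
    """Reduce a profile URL, '@handle' or bare handle to a lowercase login."""
    v = value.strip().lower()
    v = re.sub(r"^(https?://)?(www\.)?github\.com/", "", v)
    return v.lstrip("@").split("/", 1)[0]

def norm_alias(value):
    """Case-fold and collapse whitespace so spacing tricks do not evade a match."""
    return " ".join(value.casefold().split())

NORMALIZERS = {"emails": norm_email, "github": norm_github, "aliases": norm_alias}

def build_index(indicators):
    return {kind: {NORMALIZERS[kind](v) for v in values}
            for kind, values in indicators.items()}

def screen_candidate(candidate, index):
    """Return sorted (kind, normalized value) pairs found in the index."""
    hits = []
    for kind, norm in NORMALIZERS.items():
        for raw in candidate.get(kind, []):
            value = norm(raw)
            if value in index.get(kind, set()):
                hits.append((kind, value))
    return sorted(hits)

if __name__ == "__main__":
    applicant = {"emails": ["devsample@googlemail.com"],
                 "github": ["github.com/sample-dev01"], "aliases": ["Pat Constructed"]}
    for kind, value in screen_candidate(applicant, build_index(INDICATORS)):
        print(f"REVIEW: {kind} matches published indicator: {value}")
```

A match is a reason for manual review, and an empty result does not clear a candidate, because identities created after the list was published will not appear in it.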