North Korean hackers are increasingly targeting the cryptocurrency industry by sending convincing fake job offers to unsuspecting candidates. Using sophisticated social engineering tactics, they pose as recruiters for well-known crypto firms like Robinhood, Ripple Labs, and Bitwise Asset Management. As reported by Reuters, Candidates are often asked to complete video assessments on obscure websites or download software, unknowingly giving hackers access to their wallets.
The goal is to steal digital assets, sometimes worth thousands of dollars, and funnel them to North Korea’s sanctioned programs, making vigilance essential for anyone seeking a crypto-related job.
How The Scam Works
Experts say the problem is widespread, with job applicants now routinely scrutinising recruiters for signs of malicious intent. “It happens to me all the time, and I’m sure it happens to everybody in this space,” said Carlos Yanez of Switzerland-based blockchain analytics firm Global Ledger.
Victims report that scammers pose as recruiters for companies like Robinhood, Ripple Labs, and Bitwise Asset Management, reaching out over LinkedIn or Telegram with convincing pitches for blockchain roles.
The scheme typically involves asking candidates to complete video assessments on obscure websites. Unsuspecting users often end up downloading code or providing access to wallets, leading to theft of cryptocurrencies.
One victim reported losing $1,000 worth of Ether and Solana after sending a video to a hacker posing as a Ripple recruiter.
Staying Safe In The Crypto Job Market
Blockchain intelligence firm Chainalysis estimates North Korea stole at least $1.34 billion in cryptocurrency last year, allegedly to fund its sanctioned weapons program. Security professionals note that stopping such scams is difficult.
While companies like Robinhood, LinkedIn, and Telegram have disabled suspicious accounts and domains, the impersonators adapt quickly. SentinelOne’s Aleksandar Milenkoski explains, “They’re like a typical scam group, they go for breadth.”
As North Korea continues to target the crypto industry, job seekers are advised to verify recruiters’ identities, avoid unfamiliar websites, and never provide private keys or wallet access. The campaign underscores the need for vigilance in the fast-growing and highly lucrative cryptocurrency sector.
