IT Workers From North Korea Have Been Infiltrating DeFi Platforms for Past 7 Years

Research highlights long-term insider risks in decentralised finance projects

Written by Rahul Dhingra, Edited by Rohan Pal | Updated: 6 April 2026 14:55 IST
Highlights
  • Researcher links DPRK workers to over 40 DeFi platforms
  • Social engineering tactics used in major exploit cases
  • Lazarus group tied to multi-billion crypto thefts


Security researcher Taylor Manonan has claimed that North Korean IT workers have been infiltrating DeFi platforms for the past 7 years. The claim covers over 40 DeFi platforms, which she listed in a post on X. She added that the seven years of DeFi experience on their resumes is not a lie, because they have built all the critical protocols that run on each of these DeFi platforms. The revelation came hours after Drift Protocol disclosed a $280 million (roughly Rs. 2,600 crore) exploit, which also had a DPRK group behind it.

Long-Term Infiltration Raises Concerns Over DeFi Security Risks

Drift Protocol, which fell prey to this scam, was completely oblivious. In a post on X, Drift Protocol explained that this was not a typical hack but a months-long, highly coordinated social engineering operation. Bad actors posed as a legitimate trading firm and met Drift Protocol's executives at many crypto events. They even invested a million dollars in capital on the platform. Over time, they managed to trick team members into interacting with malicious code and apps, likely compromising their devices and gaining access to critical systems. The operation is now linked to a DPRK group called UNC4736.


This is not the first time that a DPRK group has been part of such a scam. According to analysts at Creator Network R3ACH, the Lazarus group has stolen over $7 billion (roughly Rs. 65,000 crore) in crypto since 2017. These attacks include the $625 million (roughly Rs. 5,803 crore) Ronin Bridge scam in 2022, the $235 million (roughly Rs. 2,182 crore) WazirX exploit in 2024, and the $1.4 billion (roughly Rs. 13,000 crore) Bybit heist in 2025, which is also the biggest hack on their timeline.

Commenting on this issue, Tim Ahhl, the founder of Titan Exchange, a Solana-based DEX aggregator, said that in a previous job, “we interviewed someone who turned out to be a Lazarus executive.” Ahhl added that the candidate “did video calls and was extremely qualified”. The bad actor declined an in-person interview, and the execs at Titan Exchange later found his name in a Lazarus “info dump.”


Earlier this year, the US Treasury sanctioned individuals and entities tied to a North Korea-linked IT worker scheme that allegedly used fake identities to secure remote tech jobs and funnel earnings through cryptocurrency. Officials say the network helped generate illicit revenue for the North Korean regime.

© Copyright Red Pixels Ventures Limited 2026. All rights reserved.