Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • World
  • Users
  • Groups
Collapse
Brand Logo
UDS UDS: $1.1515
24h: 0.09%
Trade UDS
Gate.io
Gate.io
UDS / USDT
KuCoin
KuCoin
UDS / USDT
MEXC
MEXC
UDS / USDT
BingX
BingX
UDS / USDT
BitMart
BitMart
UDS / USDT
LBank
LBank
UDS / USDT
XT.COM
XT.COM
UDS / USDT
Uniswap v3
Uniswap v3
UDS / USDT
Biconomy.com
Biconomy.com
UDS / USDT
WEEX
WEEX
UDS / USDT
PancakeSwap v3
PancakeSwap v3
UDS / USDT
Pionex
Pionex
UDS / USDT
COINSTORE
COINSTORE
UDS / USDT
Sushiswap v3
Sushiswap v3
UDS / USDT
Picol
Picol
UDS / USDT

Earn up to 50 UDS per post

Post in Forum to earn rewards!

Learn more
UDS Right

Spin your Wheel of Fortune!

Earn or purchase spins to test your luck. Spin the Wheel of Fortune and win amazing prizes!

Spin now
Wheel of Fortune
selector
wheel
Spin

Paired Staking

Stake $UDS
APR icon Earn up to 50% APR
NFT icon Boost earnings with NFTs
Earn icon Play, HODL & earn more
Stake $UDS
Stake $UDS
UDS Left

Buy UDS!

Buy UDS with popular exchanges! Make purchases and claim rewards!

Buy UDS
UDS Right

INFLUENCER LEVEL

Based on the number of subscribers

MULTIPLIER

up to 10k

x1.1

10-25k

x1.25

25-100k

x1.5

100k-250k

x2

250k-1m

x3

1m+

x5

Post links to Undeads Forum messages or Undeads products to receive additional rewards

Post limits and staking coefficients applied similar to Forum posts

Discord, Telegram, Twiter

Post in Forum to earn rewards!

UDS Rewards
  1. Home
  2. Crypto-Detective
  3. North Korean Hackers Are Now Meeting Crypto Developers at Conferences. The Drift Protocol Case Shows How

North Korean Hackers Are Now Meeting Crypto Developers at Conferences. The Drift Protocol Case Shows How

Scheduled Pinned Locked Moved Crypto-Detective
3 Posts 2 Posters 16 Views
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
This topic has been deleted. Only users with topic management privileges can see it.
  • mendezM Offline
    mendezM Offline
    mendez
    wrote on last edited by
    #1

    9fe872ba-1225-4f2d-a1a6-5b214de586ae-image.png

    The most alarming evolution documented in the North Korean crypto threat landscape is the shift from purely remote operations to physical infiltration — and the Drift Protocol case provides the most detailed public account of how that works in practice. In April 2025, DPRK-affiliated technology workers met the Drift Protocol development team at a "major" cryptocurrency industry conference and spent six months building a genuine working relationship with the team before deploying the malware that caused $280 million in losses. The Drift team's disclosure contained a detail that should reshape how every crypto project thinks about new hires and conference relationships: "The individuals who appeared in person were not North Korean nationals." DPRK threat actors operating at this level use third-party intermediaries for face-to-face relationship building — people who are not themselves North Korean but are working on behalf of North Korean intelligence operations — making nationality-based screening useless as a defense mechanism.
    The Ethereum Foundation's April identification of 100 DPRK-backed hackers and threat actors who had infiltrated crypto projects confirms that the Drift case was not an isolated incident but a documented operational pattern.

    The same month, onchain investigator ZachXBT documented a separate group of North Korean IT workers generating $1 million per month working at technology companies under false identities — a parallel revenue stream that combines legitimate employment income with insider access to company systems and credentials. The combination of remote IT worker infiltration, conference-based relationship building using intermediaries, and technical exploitation of the resulting trusted access represents a multi-layered attack strategy that no single security measure can address. Physical presence at a conference with a credible colleague, six months of professional relationship, and technical competence that passes hiring screening are exactly the trust signals that security culture is designed to respond to positively — which is what makes this attack vector so effective and so difficult to defend against.

    1 Reply Last reply
    0
    • johnblockbusterJ Offline
      johnblockbusterJ Offline
      johnblockbuster
      wrote on last edited by
      #2

      100 DPRK-backed actors identified in crypto projects confirming Drift was documented pattern not isolated incident

      1 Reply Last reply
      0
      • johnblockbusterJ Offline
        johnblockbusterJ Offline
        johnblockbuster
        wrote on last edited by
        #3

        $1M monthly from fake IT workers

        1 Reply Last reply
        0

        • Login or register to search.
        Powered by NodeBB Contributors
        • First post
          Last post
        0
        • Categories
        • Recent
        • Tags
        • Popular
        • World
        • Users
        • Groups