North Korean hackers found a new way to hack cryptocurrency companies by getting jobs there using fake resumes

North Koreans hackers are faking linkedin profiles and CVs and pretending to be cryptocurrency experts for getting full time or freelance remote work at cryptocurrency firms according to Bloomberg. Some hackers also make claims of publishing white papers in cryptocurrency fields and blockchain technology. All this with an aim to get internal details of the company and help the North Korean government to steal funds via insiders working in the companies. 

The hackers copy legitimate profiles on LinkedIn and Indeed for their resumes according to Mandiant Inc. This finding of the company reinforces allegations made by the US government. The US government warned that North Korean hackers are trying to get jobs in American or European companies to later hack them. Working as an employee helps the North Korea government collect  intelligence about new cryptocurrency trends, NFT, security vulnerabilities and new ways of money laundering. 

The North Korean hackers show that they are based out of China, Russia, Africa, Southeast Asia, North America, Europe, South Korea and Japan.

Getting a job also allows the North Korean government to implant backdoors in the exchange which could be exploited later on.  The North Korean government has consistently denied involvement in any cyber crime.

Mandiant researchers said they had identified multiple profiles of North Korean persons that have successfully been hired by companies. 

 Jonathan Wu, a blockchain expert, mentioned on twitter the experience of conducting a job interview with a North Korean hacker. 

Previously North Korean hackers have replicated websites of, ZipRecruiter, a Disney careers page and a site called Variety Jobs to get people to send their CV and then hack their machines where websites were opened. 

Also North Korean hackers have created fake attractive job postings to attract developers working in big cryptocurrency companies. Later when victims apply for jobs, job interviews are held and hackers try to hack their computers to get more information about their existing work profile.