On August 13, according to ZachXBT, a source hacked into the equipment of North Korean IT personnel and found that his small team obtained developer positions through more than 30 false identities, purchased Upwork and LinkedIn accounts with government IDs, and worked through AnyDesk. Relevant data includes Google Drive exports, Chrome profiles and screenshots.
The wallet address 0x78e1 was closely linked to the June 2025 Favrr platform 680,000 dollar attack, and more North Korean IT personnel were identified. The team used Google products to arrange tasks, purchase SSNs, AI subscriptions, and VPNs. Some browsing records show frequent use of Google Translate to translate Korean, and the IP address is Russian. Recruiter neglect and lack of collaboration between services are major challenges in combating such behavior.
ZachXBT: North Korean IT team with more than 30 false identities implicated in 680,000 dollar attack
2025-08-13 13:14:27
Disclaimer:
1. The information provided does not constitute investment advice. Investors should make independent decisions and bear all risks themselves.
2. The copyright of this content belongs to the original author. The views expressed herein are solely those of the author and do not represent the stance or position of this website.
Next article:
Thumzup扩大与Coinbase的战略合作关系加速加密货币积累
