An investigation by CoinDesk revealed that more than a dozen crypto companies, including Injective, ZeroLend, Fantom, Sushi, Yearn Finance, and Cosmos Hub, mistakenly hired IT specialists from North Korea (DPRK). These employees used fake documents and fabricated work histories, successfully passing interviews and background checks without arousing suspicion.
Many companies were unaware they were hiring workers from the DPRK until they encountered cyberattacks or received information from government authorities. Funds earned by these employees were often directed to crypto wallets associated with the North Korean government, contributing to the funding of the country's nuclear program.