According to ZachXBT, these North Korean operatives filled around 345 roles and potentially up to 920 positions in the emerging industry this year alone.
The investigator noted that their monthly earnings for each role typically ranged between $3,000 and $8,000, bringing the estimated payout to around $2.76 million monthly.
Considering this, ZachXBT stated:
“I think it’s misleading Circle markets themselves as the most compliant stablecoin that puts security first when they do not have proper channels to report illicit activity and do not engage in incident response during major exploits.”
One key observation ZachXBT made is the misconception that US exchanges have stricter KYC/AML requirements compared to offshore platforms.
He wrote:
Meanwhile, the blockchain investigator also noted that the rise of neobanks and fintech companies that integrate stablecoins has made it easier for DPRK ITWs to convert fiat into crypto, further complicating the issue.
Finally, ZachXBT warned that hiring multiple DPRK ITWs is often a strong indicator that a project will struggle.
According to him, these workers are usually hired due to their low cost, but their lack of sophistication and the teams’ negligence can lead to disastrous results for crypto startups.
Some of the common red flags he identified include failed KYC attempts, refusal to meet colleagues in person, despite claiming to live nearby, and shared usage of VPNs with Russian IP addresses.
He also noted that these individuals refer one another to roles within the same project, alter their GitHub handles, and erase LinkedIn histories to avoid detection.
The investigation revealed that once inside a project, these workers often gain access to smart contracts and sensitive infrastructure. Their performance tends to be poor, leading to frequent terminations, but the damage is usually done by the time they’re let go.
He wrote:
“They typically take on multiple roles at once and frequently get fired due to underperformance so turnover is high. Once they infiltrate a team and take ownership of contracts your project becomes at risk of an incident.”
