Express

ZachXBT: North Korean IT Team with Over 30 Fake Identities Involved in $680,000 Attack Incident

Summary: According to ZachXBT, a source revealed that a North Korean IT team used over 30 fake identities to secure developer positions, purchased Upwork and LinkedIn accounts with government IDs, and conducted work through AnyDesk. Data obtained includes Google Drive exports, Chrome configurations, and screenshots. The wallet address 0x78e1 is closely linked to a $680,000 attack ...

According to ZachXBT, a source revealed that a North Korean IT team used over 30 fake identities to secure developer positions, purchased Upwork and LinkedIn accounts with government IDs, and conducted work through AnyDesk. Data obtained includes Google Drive exports, Chrome configurations, and screenshots.

The wallet address 0x78e1 is closely linked to a $680,000 attack on the Favrr platform in June 2025, with more North Korean IT personnel identified. The team utilized Google products to organize tasks, purchased SSNs, AI subscriptions, and VPNs. Some browsing history showed frequent use of Google Translate to translate Korean, with IP addresses located in Russia. The lack of oversight by recruiters and lack of collaboration between services are identified as key challenges in combating such activities.

Last Update:

Tags:
Link: ZachXBT: North Korean IT Team with Over 30 Fake Identities Involved in $680,000 Attack Incident   [Copy]
Next:

Related Articles

  • Google Steps Into Blockchain: A New Front in the “Ledger Wars” 1 day ago
  • Bitcoin Weekly Analysis: Is a Bear Market on the Horizon? 4 days ago
  • AI Fraud Is Breaking the Internet’s Trust Economy. Can Compliance Tech Keep Up? 7 days ago
  • Can a $300M RWA Fund Save Avalanche's TVL? 7 days ago
  • Trump Adviser's "Whale Debut" with $680M Bitcoin Bet Faces Early Losses 9 days ago

    • You need to login to comment.