North Korean spies are expanding their cyber infiltration program, with UK crypto and blockchain firms now under the spotlight, according to Google.
Sophisticated Tactics and Bases on False Characters
Google’s Threat Intelligence Group (GTIG) uncovered a disturbing trend: North Korea-linked tech operators are developing sophisticated false personas to gain jobs at European companies. They’re posing as remote workers from countries like Italy, Japan, Malaysia, and the U.S., seeking entry to sensitive blockchain and AI projects.
GTIG advisor Jamie Collier had said these actors have found a way around U.S. enforcement. “They’ve established an international network of bogus personas in order to facilitate greater operating ease,” he wrote.
UK Targets Amid Less Strict Scrutiny
Even while U.S. enforcement rises, these players have turned to targeting Europe and now the UK as well, where due diligence practices can be weaker. They construct platforms upon frameworks such as Solana, Rust, Cosmos SDK, and the MERN stack.
The report predicts expanding support circles in the UK, potentially enabling long-term presence for the fraudsters.
Rise in Extortion from Laid-Off Employees
A nasty new trend is emerging: laid-off North Korean IT employees have begun extorting their former employers. Since last October, a number of extortion cases involved the threat to leak confidential information if bribed.
The data includes significant codebases and sensitive project reports. This is a change from past strategies, when agents would simply re-enter firms with new pseudonyms.
U.S. Takes Legal and Regulatory Action
In response, U.S. officials have stepped up enforcement. Two North Koreans were recently indicted for running an employment scam involving over 60 firms. The Treasury also sanctioned firms that acted as IT fronts for Pyongyang.
UK Cracks Down on Crypto Ad Rules in Face of Growing Threat
Google UK has clamped down on ad policies to fight growing crypto scams. From January 15, 2025, crypto exchanges and wallet providers will have to be FCA-registered to advertise.
The UK Financial Conduct Authority keeps up its fight against deceptive crypto promotions, joining the rest of the world in digital asset regulation.
Final Thoughts
With evolving threats and tougher legislation, UK crypto firms are under mounting pressure to vet employees carefully and tighten internal security. Vigilance is now compulsory—it is a requirement.
