Author | Liam Kelly, DL News

Compiled by GaryMa Wu says blockchain

Original link:

https://www.dlnews.com/articles/defi/fake-developers-flood-crypto-job-boards-amid-bull-market/

Summary

● Fake candidates are testing the cryptocurrency industry's acceptance of anonymity.

● The United Nations states that 4,000 North Koreans have attempted to penetrate the tech industry through obtaining jobs.

● An expert said: "This is a silent war."

Hiring in the cryptocurrency industry has never been an easy task.

Finding skilled developers is hard, and managing remote workers across multiple time zones is not easy either.

Now, cryptocurrency hiring has become more difficult.

DL News's investigation found that fake candidates are flooding job sites with forged resumes.

Moreover, there is increasing evidence that many of these fake candidates appear to be North Korean nationals attempting to infiltrate cryptocurrency projects for nefarious purposes, including gathering sensitive data, hacking, and stealing assets.

Shaun Potts, founder of cryptocurrency-focused recruitment firm Plexus, told DL News: "This is an operational risk for the industry; it’s a persistent phenomenon, just like hacking exists in the tech industry. You can't stop it, but you can try to mitigate the risks."

Concealed identity

According to the United Nations Security Council, over 4,000 North Koreans have been instructed to hide their identities in an attempt to enter the Western tech industry, including the cryptocurrency sector.

The Security Council stated in a recent 615-page report that North Korean hackers have stolen $3 billion in cryptocurrency assets over 58 suspected cyber thefts in the past seven years.

While it's unclear how much of these thefts were realized through fake employees, experts worry that this trend is just beginning.

"They are illegally selling resources, IT work, labor, and hacking skills."

—— Taylor Monahan, MetaMask

Because it's big business. The fake recruiting scheme alone can earn North Korea up to $600 million a year, the United Nations reports.

Taylor Monahan, chief security researcher at MetaMask, told DL News: "The resources they can sell to China are very limited, so they generate revenue through illegal sales of resources, IT work, labor, and hacking skills."

New challenges

This development poses a new challenge for an industry that is going mainstream. With the launch of Bitcoin ETFs, Wall Street has embraced cryptocurrency as an asset class. The revenues of DeFi stalwarts like Solana and Aave continue to grow as their businesses expand.

With the industry scaling up and demand for new employees surging, the last thing the cryptocurrency industry needs is a flood of fake candidates.

The top ten cryptocurrency exchanges, including Coinbase and Binance, posted over 1,200 new positions just in May. Layoffs are also slowing down.

According to data from Layoffs.fyi, the number of unemployed in the cryptocurrency industry significantly decreased in the first quarter of this year compared to the same period last year.

"They just added some new positions in LinkedIn searches to seem different."

—— Karolis Kundrotas, Durlston Partners

Zak Cole, co-founder of cryptocurrency venture studio Number Group, told DL News: "Everyone I know is either working on another project or has no spare time. How do we bring in new talent?"

The answer is — expand the search.

AI search

Cole and his co-founders did not turn to formal recruiting agencies but instead used an AI tool called Applicant AI to screen candidates. The tool uses AI to flag keywords in resumes that meet their criteria.

The results are mixed. In a video interview with Number Group, a candidate claiming to be a native Dutch speaker hung up when asked to communicate in that language.

Another candidate's GitHub profile — the LinkedIn of programmers — was created just a month ago, yet they applied for a senior developer position.

On another resume, a candidate applying for a remote position listed a state prison in Texas as their home address.

When asked if they actually lived in a prison, the candidate replied: "Yes."

Cole's biggest concern is whether candidates are who they say they are.

He said he noticed a pattern when screening candidates and arranging interviews: many people refused to turn on their cameras.

Video calls

Typically, what they say in interviews contradicts what is written on their resumes. In other words, they are lying.

"They all have the same script," Cole said. He noted that if they appear on camera, the background is also blurred, and they are calling from a room with other people.

Karolis Kundrotas, a cryptocurrency industry advisor at Durlston Partners, said many candidates are copying real LinkedIn profiles.

"The experiences are exactly the same, and the educational backgrounds match those of real people," he said. "They just added some new positions to appear different in LinkedIn searches."

Kundrotas said video calls are also important because you can see if the other person quickly read additional information before answering.

In a video call shared with DL News, a candidate did just that.

The candidate claimed to have a deep understanding of non-fungible tokens (NFTs) and crypto gaming but had never heard of "Axie Infinity," which is one of the largest and most well-known games in the industry.

This is clearly a huge warning sign.

Refusing background checks

In addition to wasting a lot of time, these fake candidates have also damaged a major pillar of cryptocurrency's core philosophy.

Anonymity and pseudonymity are important values in cryptocurrency. Project teams tend to avoid background checks and work at startup speed, making them prime targets for illegal recruiting schemes.

For this reason, Potts said that 95% of his clients have stopped hiring pseudonymous developers.

Monahan from MetaMask said: "People underestimate the low barrier to entry in cryptocurrency. In reality, it's not uncommon for random projects to hire people for some work and then quickly promote them."

This may be exactly what North Korean infiltrators are counting on.

$60,000 a month salary

Some secret North Korean cryptocurrency employees earn up to $60,000 a month and hold multiple full-time and freelance roles.

High earners can keep 30% of their income, with the rest handed over to the Pyongyang authorities, according to a United Nations report.

Given North Korea's extreme poverty, these amounts are huge for individuals.

That's why startups must stay vigilant.

Monahan said: "As long as this works, they will continue to post jobs on recruiting forums, create resumes, and attack cryptocurrency companies and projects."

Their work also has a geopolitical angle.

Erin Plante, vice president of investigations at Chainalysis, said there is evidence that North Korea partially funds its nuclear weapons program through hacking cryptocurrency sites. According to data from blockchain analytics firm Elliptic, North Korean hacker group Lazarus Group attacked the Ronin Bridge in 2022, stealing $540 million.

In 2019, the U.S. Treasury's Office of Foreign Assets Control sanctioned Lazarus.

If North Korea uses fake candidates as part of this plan, it would be a significant issue, said Adam Zarzinski, CEO of blockchain analytics firm Inca Digital.

Zarzinski, a former U.S. Air Force judge, told DL News: "This is a silent war."