Coinbase, the worldโs third-largest cryptocurrency exchange by volume, has come under a wave of threats from North Korean hackers seeking remote employment with the company.
North Korean IT workers are increasingly targeting Coinbaseโs remote worker policy to gain access to its sensitive systems.
In response, Coinbase CEO Brian Armstrong is rethinking the crypto exchangeโs internal security measures, including requiring all workers to receive in-person training in the US, while people with access to sensitive systems will be required to hold US citizenship and submit to fingerprinting.
โDPRK is very interested in stealing crypto,โ Armstrong told Cheeky Pint podcast host John Collins in a Thursday episode. โWe can collaborate with law enforcement [โฆ] but it feels like thereโs 500 new people graduating every quarter, from some kind of school they have, and thatโs their whole job.โ
He added that some operatives are coerced into working for the regime. โIn many of these cases, itโs not the individual personโs fault. Their family is being coerced or detained if they donโt cooperate,โ said Armstrong.
Armstrongโs comments come amid a wave of rising North Korean cyber activity beyond Coinbase.
In June, four North Korean operatives infiltrated multiple crypto firms as freelance developers, stealing a cumulative $900,000 from these startups, Cointelegraph reported.
Related: Bitcoin ETFs are next major target for North Korean hackers โ Cyvers
Coinbase data leak could put users in physical danger
Armstrongโs new measures come three months after the exchange confirmed that less than 1% of its transacting monthly users were affected by a data breach, which may cost the exchange up to $400 million in reimbursement expenses, Cointelegraph reported on May 15.
However, the โhuman costโ of this data breach may be much higher for users, according to Michael Arrington, the founder of TechCrunch and Arrington Capital, who highlighted that the breach included home addresses and account balances, leading to potential physical attacks.
Related: Hoskinson promises audit, is โdeeply hurtโ by $600M Cardano treasury claims
Among all United States crypto firms, the Coinbase brand was most impersonated in phishing attacks in 2024, fraudulently used across 416 reported phishing scams in the four previous years, according to a Mailsuite report shared with Cointelegraph.
Accounting for all US brands, Facebookโs parent company, Meta, was the most impersonated brand by scammers, appearing in at least 10,457 reported scam incidents during the past four years.
The US Internal Revenue Service was the second on the list, having been impersonated in at least 9,762 scams.
Magazine: Coinbase hack shows the law probably wonโt protect you โ Hereโs why
