North Korean Developers' Influence on Crypto Projects
North Korean developers have worked on a surprisingly large number of crypto projects.
Last week, it was reported that developers and IT workers working from the Democratic People’s Republic of Korea (i.e. North Korea) had managed to get involved in a number of crypto projects. This presented two different ways of raising funds for the national regime.
Kessler found that more than a dozen different crypto companies and projects — including some well-known ones — had unintentionally hired North Korean developers and IT workers. This situation is worrying for the projects in many ways.
North Korea is under heavy sanctions, which means hiring developers from the country would put a project in violation of U.S. law. Additionally, these employees appear to have helped hack the projects they worked on. North Korean employees working for US companies is not a new problem.
In July, cybersecurity firm KnowBe4 published a blog post revealing that it had mistakenly hired a DPRK software engineer. A few months before that, an Arizona resident and four others were accused of helping DPRK IT workers find jobs in US companies.
These employees send (or are forced to send) most of their salaries to the regime, which helps the DPRK maintain its various activities.
Projects compromised by vulnerabilities added by these employees risk losing further funds to North Korea. This isn’t just a hypothetical concern; prosecutors brought several charges alleging that IT employees affiliated with the DPRK were able to compromise companies.
First, sanctions: any company that employs a worker in North Korea violates U.S. sanctions laws. Whether this recruitment was accidental or not is irrelevant; companies can still be prosecuted.
So far, Kessler reported, the U.S. government has “been pretty lenient with the accusations — at best, acknowledging that they were victims of a highly complex and sophisticated form of identity fraud.”
Companies will need to approach this situation more carefully, as cryptocurrencies have gained increasing attention in recent months. Companies should also be concerned about being hacked by the DPRK, which again is not just a hypothetical situation.
Axie Infinity is one of the most prominent examples of how easy it is for hackers to steal funds from a crypto company after a small mistake. Axie was hacked in March 2022 and lost $625 million at the time. A month later, U.S. officials linked the North Korean Lazarus hacking group to the theft.
Several other projects employing DPRK IT workers were also hacked, including Sushi Finance, Kessler reported. Sam’s full report is worth your attention – I’m re-linking it here – and it would be useful for companies to consider how they can take measures to reduce such risks.