According to Google Cloud’s latest report, North Korean IT employees target Solana Blockchain projects, especially by increasing cyber activities in Europe. Operators affiliated to the People’s Republic of Korea (DPRK), acting like legitimate distance employees, infiltrate to companies and contribute to the financing of the regime by playing sensitive data.
Google Cloud report includes solana projects
The report reveals that these actors develop blockchain and artificial intelligence applications using fake identities and advanced software skills. Especially the projects built on the Solana network, job advertisement boards and blockchain -based applications have become the target of increasing attacks. These people, companies seize the critical systems stole the data and sell this information to provide income.
DRPRK -linked cyber attackers have shifted their focus to Europe due to the indictments of the US Department of Justice (Doj) and strict controls in recruitment processes. The report said that a North Korean IT employee uses 12 different fake identities in the USA and Europe, with false references and connections with recruitment experts.
These people not only hide their identity, but also gain confidence by developing advanced software projects. The report reveals that employees have developed token hosting platforms with Next.JS, React and Cosmossdk, creates a solana -based job advertisement board using Golang and contributes to Blockchain projects using Anchor with anchor. In fact, an employee said that Electron, Next.JS and Blockchain develops an artificial intelligence -supported web application by combining applications.
BYOD environments are risky
According to the Google Cloud report, these attacks are carried out through “Bring Your Own Device” systems that allow employees to use their own devices. As of January 2025, companies using such environments are more threatened. “DPRK IT employees evaluated BYD environments as a potential opportunity and increased their operations for employers using these systems,”.
North Korean -related hacker groups stand out as one of the biggest threats in the crypto ecosystem. It was estimated that they stole about $ 1.3 billion from various projects during the year 2024, while in February, they made an emphasis on $ 1.5 billion in the attack on the Bybit crypto exchange.
These developments once again reveal the importance of cyber security in the Blockchain and crypto world. The fact that companies are more careful in recruitment processes, increasing cyber security measures and reviewing working device policies seems to play a critical role in the fight against such threats.
