📌 MAROKO133 Breaking crypto: Ethereum Foundation-Backed Program Exposes 100 Nort K
The Ketman Project, operating under the Ethereum Foundation’s ETH Rangers security program, has in the latest Ethereum news, identified approximately 100 North Korea Crypto IT operatives embedded inside Web3 companies using fabricated identities, the result of a six-month investigation that ended with one of the most detailed public tallies of DPRK insider infiltration in the sector’s history.
The threat model has shifted. Where North Korea’s state-level crypto operations once centered on remote exploits and exchange hacks, the 2025 pattern is coordinated workforce infiltration, operatives passing HR screenings, accessing internal repositories, and sitting inside product teams for months before detection.
- Operatives identified: ~100 DPRK IT workers found using fake identities inside Web3 firms
- Investigation duration: Six months, conducted by the Ketman Project with ETH Rangers support
- Program scope: ETH Rangers funded 17 independent researchers, recovered or froze $5.8M in exploited funds, traced 785+ vulnerabilities, handled 36 incident responses
- DPRK theft scale: $2.02 billion stolen in 2025 alone – a 51% increase from 2024 – pushing cumulative haul to $6.75 billion
- Drift Protocol hack: DPRK-linked attackers executed a $285 million exploit on April 1, 2026, the largest DeFi hack of the year
- Real-world case: Exchange Stabble issued a withdrawal alert after a DPRK IT worker infiltrated its leadership team
- Watch: Investigators are actively tracking Drift exploit proceeds; regulatory scrutiny on DeFi employment vetting expected to intensify
Discover: The best crypto to diversify your portfolio with
Ethereum News: How the ETH Rangers Crypto Investigation Actually Worked – and What 100 North Korea Operatives Really Means
ETH Rangers launched in late 2024 through a partnership between the Ethereum Foundation, Secureum, The Red Guild, and the Security Alliance (SEAL), deploying 17 independent security researchers across a six-month mandate to strengthen the Ethereum ecosystem defenses.
The Ketman Project was one of those funded efforts, and its output went well beyond the typical audit or bug bounty scope.
Identifying 100 operatives means matching fabricated identities to known DPRK tradecraft patterns: inconsistent work histories, communication behaviors suggesting time-zone masking, payment routing through specific intermediaries, and technical fingerprints that recur across unrelated applicants. That’s intelligence work, not just security research.
It requires sustained monitoring across job boards, GitHub activity, hiring pipelines, and behavioral signals inside existing teams.
The broader ETH Rangers program delivered material results beyond the Ketman work: participants recovered or froze over $5.8 million in exploited funds, traced 785+ vulnerabilities and proof-of-concept exploits, ran 36 incident responses, and delivered more than 80 security training sessions.
Open-source outputs included a DeFi incident analysis platform, a GitHub suspicious account detector, and a client-side DoS testing framework.
That GitHub tool is relevant here. Suspicious account detection is precisely the capability needed to surface DPRK-linked developers operating under cover – accounts with manufactured contribution histories, coordinated activity patterns, or anomalous repository access. The Ketman findings likely drew on exactly this tooling.
What “100 operatives” doesn’t mean: that those individuals were necessarily running exploits in real time. DPRK IT worker infiltration serves multiple functions: revenue generation for the regime through legitimate salaries, intelligence collection on protocols and codebases, and pre-positioning for future attacks.
The immediate financial damage may be limited; the long-term exposure is structural.
Discover: The best pre-launch token sales
The post Ethereum Foundation-Backed Program Exposes 100 Nort Korea Operatives Infiltrating Crypto Firms appeared first on Cryptonews.
🔗 Sumber: cryptonews.com
📌 MAROKO133 Eksklusif crypto: NC Bankers Push For Stablecoin Yield Ban on the CLAR
The North Carolina Bankers Association urged member banks to call Sen. Thom Tillis’s office this week. The trade group wants a total ban on stablecoin yield payments in the CLARITY Act.
Leadership circulated an internal email with a pre-written script for bank employees. It described the current compromise language as insufficient to prevent deposit flight into stablecoins.
Banking Lobby Escalates Pressure on Stablecoin Yield
An employee at a small Wilmington-based bank reportedly shared the email, with leadership distributing it on behalf of NCBankers.
The script demands what it calls “an airtight prohibition” on yield tied to holding payment stablecoins. It also targets carve-outs for loyalty programs and nominal activity.
Employees were told they did not need to answer questions or defend their positions. The email stated they should simply deliver the message and end the call.
CLARITY Act Markup Approaches With Unresolved Yield Dispute
The lobbying effort comes as the Senate Banking Committee prepares a markup of the CLARITY Act.
Senators Tillis and Angela Alsobrooks brokered a compromise in March that bans passive yield but permits activity-based rewards tied to transactions.
Banks argue that those carve-outs still enable a de facto yield on stablecoin holdings. However, a White House Council of Economic Advisers report challenged that argument.
Full yield allowance would displace only $2.1 billion in lending, just 0.02% of total loans.
The CLARITY Act passed the House 294-134 in July 2025. A Senate Banking Committee markup was targeted for late April, though the schedule remains fluid.
The post NC Bankers Push For Stablecoin Yield Ban on the CLARITY Act appeared first on BeInCrypto.
🔗 Sumber: www.beincrypto.com
🤖 Catatan MAROKO133
Artikel ini adalah rangkuman otomatis dari beberapa sumber terpercaya. Kami pilih topik yang sedang tren agar kamu selalu update tanpa ketinggalan.
✅ Update berikutnya dalam 30 menit — tema random menanti!
