A small team of North Korean IT workers — linked to a $680,000 crypto hack in June — has been using Google products and even renting computers to infiltrate crypto projects, according to screenshots from one of the workers’ devices.
In an X post from ZachXBT on Wednesday, the crypto sleuth shared a rare look into the workings of a North Korean (DPRK) hacker. The information came from “an unnamed source” who was able to compromise one of their devices.
North Korean-linked workers were responsible for $1.4 billion exploit of crypto exchange Bitbit in February and have siphoned millions from crypto protocols over the years.
The data shows that the small team of six North Korean IT workers shares at least 31 fake identities, obtaining everything from government IDs and phone numbers to purchasing LinkedIn and UpWork accounts to mask their true identities and land crypto jobs.
One of the workers supposedly interviewed for a full-stack engineer position at Polygon Labs, while other evidence showed scripted interview responses in which they claimed to have experience at NFT marketplace OpenSea and blockchain oracle provider Chainlink.
Google, remote working software
The leaked documents show the North Korean IT workers secured “blockchain developer” and “smart contract engineer” roles on freelance platforms like Upwork, then used remote access software like AnyDesk to carry out the work for unsuspecting employers. They also used VPNs to hide their locations.
Google Drive exports and Chrome profiles showed they used Google tools to manage schedules, tasks and budgets, communicating in English while using Google’s Korean-to-English translation tool.
One spreadsheet showed the IT workers spent a combined $1,489.8 on expenses in May to carry out their operations.
North Korean IT workers tied to recent $680,000 crypto hack
The North Koreans often use Payoneer to convert fiat into crypto for their work, and one of those wallet addresses —“0x78e1a” — is “closely tied” to the $680,000 exploit on fan-token marketplace Favrr in June 2025, ZachXBT said.
Related: Crypto crime unit with $250M in seizures expands with Binance
At the time, ZachXBT alleged the project’s chief technology officer, known as “Alex Hong,” along with other developers, were DPRK…
Click Here to Read the Full Original Article at Cointelegraph.com News…