TechFlow news, April 2 — According to Cointelegraph, Google's Threat Intelligence Group (GTIG) said that North Korean technologists are expanding their infiltration operations into blockchain firms outside the United States, with some having successfully penetrated UK-based cryptocurrency projects. GTIG advisor Jamie Collier stated that, due to tightened U.S. scrutiny and work permit verification, North Korean technologists have shifted focus to non-U.S. companies, targeting roles in traditional web development as well as advanced blockchain applications such as Solana and Anchor smart contracts.
The report indicated that these individuals pose as legitimate remote workers, generating revenue for the North Korean regime while exposing employers to risks of espionage, data theft, and business disruption. Since late October last year, these actors have intensified ransom demands, targeting larger organizations and threatening to leak sensitive data from former employers. Additionally, GTIG found these individuals are seeking employment opportunities in European countries such as Germany and Portugal.




