Consensys Contracted North Korean-Linked Developer for One Month

Blockchain company Consensys contracted a software developer with ties to North Korea who accessed some of its systems for one month earlier this year. The developer, working under the alias Tyler Knapp, was introduced through a third-party service provider before the company discovered the security threat, according to a Friday report by Drop Site. The incident reflects a broader pattern of North Korean hacking groups targeting digital asset companies by submitting fake employment applications to gain code access, prompting Consensys to suspend product releases and launch an internal investigation.

Consensys Investigation Confirms No Data Breach

ConsenSys general counsel Matt Corva confirmed the developer was never hired as a formal employee but collaborated as a consultant. "'Knapp' was introduced to us through an existing relationship with a reputable third-party service provider and collaborated with Consensys as a consultant," Corva told Cointelegraph. The company terminated access immediately after discovering the threat and followed security protocols.

The comprehensive investigation confirmed no misappropriation of assets or data occurred, no malicious code was deployed, and user safety and security remained unaffected. Consensys temporarily suspended product releases during the investigation period.

North Korean Groups Target Crypto Companies Through Fake Job Applications

The incident represents one of the latest cases involving North Korean hacking groups targeting digital asset companies. These groups send fake employment offers to developers and apply for positions that provide code access.

Corva stated Consensys will reevaluate its practices for outsourcing engineering and development work following the incident.

FAQ

How long did the North Korean-linked developer have access to Consensys systems? The developer worked with Consensys for one month earlier this year before the company discovered the security threat and terminated access.

Did the North Korean-linked developer steal data or deploy malicious code at Consensys? No. Consensys confirmed through a comprehensive investigation that there was no misappropriation of assets or data, no malicious code deployed, and no impact to user safety and security.

Disclaimer: The information on this page may come from third-party sources and is for reference only. It does not represent the views or opinions of Gate and does not constitute any financial, investment, or legal advice. Virtual asset trading involves high risk. Please do not rely solely on the information on this page when making decisions. For details, see the Disclaimer.
Comment
0/400
No comments