short
- A six-month program helped discover about 100 IT workers in the DPRK across 53 cryptocurrency projects, the Ethereum Foundation reported.
- The report comes after a record year for North Korean hackers, who stole about $2 billion worth of cryptocurrencies in 2025.
- Meanwhile, two people who helped DPRK IT workers infiltrate US companies received multi-year prison sentences in the US.
North Korea’s hacking spree has kept the cryptocurrency industry on high alert for years, but… Ethereum The foundation noted that the tide could turn within months.
The creation of a program with blockchain security groups helped expose about 100 IT workers linked to the Democratic People’s Republic of Korea, the Swiss non-profit said in a statement. Blog post It was published on Thursday, noting that the discoveries were made over a period of half a year.
The Ethereum Foundation explained how the ETH Rangers program also led to the discovery of hundreds of vulnerabilities and prompted dozens of incident responses, but the number of individuals linked to the DPRK indicates the scope of the challenge in humanitarian terms.
The ETH Rangers program is over and the results speak for themselves: over $5.8 million recovered, over 785 vulnerabilities reported, over 100 DPRK clients identified, and much more.
Decentralized defense for a decentralized network.
Read the full summary 👇
— EF Ecosystem Support Program (@EF_ESP) April 16, 2026
In 2023, the United Nations a report It found that the DPRK sent between 3,000 and 10,000 IT workers abroad. The last numbers published In cooperation with the US State Department, it found that up to 1,500 of them were in China, with plans to send more to Russia.
Research funded by the Ethereum Foundation identified workers in the Democratic People’s Republic of Korea across nearly 53 cryptocurrency projects who were committed to helping the so-called reclusive kingdom pull off its next heist.
These discoveries were led by the Kitman Project, which also co-authored a framework for identifying workers in the Democratic People’s Republic of Korea with an organization called the Security Alliance (SEAL). “This work directly addresses one of the most pressing operational security threats facing the Ethereum ecosystem today,” the foundation said.
The ETH Rangers program benefited from blockchain investigator Nick Bax, who identified and informed more than 30 teams that DPRK workers were on their payroll. Ultimately, he was able to help freeze hundreds of thousands of dollars in cryptocurrency received by the bad actors.
Last year, blockchain security company Chainalogy Found North Korean hackers have stolen a record $2 billion in cryptocurrencies, representing a 51% jump from the previous year. The company said that DPRK workers often sneak into services to gain access privileges.
The theft of $285 million in cryptocurrencies from Drift Protocol this month heightened concerns after Solana-based decentralized exchange determined She fell victim to a months-long social engineering hack orchestrated by North Korean hackers.
North Korea celebrated the birthday of its founder, Kim Il Sung, on Wednesday. But the country’s most important holiday coincided with the disappointment of DPRK affiliates in the United States
Ministry of Justice I mentioned Two US citizens who helped workers from the Democratic People’s Republic of Korea pretend to be Americans to gain access to 100 companies have been sentenced to at least seven years in prison. They each pleaded guilty to fraud and money laundering conspiracy charges.
Authorities said the individuals received $700,000 for their role in helping transfer millions of dollars from affected American companies abroad. However, the Department of Justice noted that eight defendants charged in connection with the scheme remain at large.
Daily debriefing Newsletter
Start each day with the latest news, plus original features, podcasts, videos and more.
