Expert Warns That North Korean Crypto Hackers Are Exploiting Operational Security Vulnerabilities

The “ClickFake” campaign from North Korea is bringing cybersecurity risks in the cryptocurrency space to light once more. However, security experts say that human error, not flawed smart contracts, is the greatest threat to Web3.

According to Oak Security managing director Jan Philipp Fritsche, many blockchain teams fail to implement basic cybersecurity procedures. Fritsche, who formerly worked as an analyst at the European Central Bank, believes that inadequate device management, a lack of access controls, and dangerous authorization handling are the main problems, rather than coding.

The “ClickFake Interview” scheme, led by North Korea’s hacking group, Lazarus, targeted not just developers or engineers but also went after marketing and business staff by posing as recruiters on platforms like X and LinkedIn. The group impersonated major companies like Kraken, Coinbase, and KuCoin to lure victims. The group used believable documents and full conversations to pull off the deception.

Victims were lured into fake video interviews using professional-looking websites. When they tried to record a video intro, a fake webcam error would appear, prompting them to install a malware dubbed “ClickFix.” The malware gave hackers access to sensitive information, including private crypto wallet data.

Fritsche says many early-stage crypto teams still rely on personal laptops for both work and communication, like chatting on Discord. This practice makes them easy targets for sophisticated attackers. Unlike traditional companies, decentralized organizations (DAOs) usually lack formal security rules and can’t enforce strict standards.

Too often, teams operate on trust and optimism. But Fritsche warns that even assuming a desktop or laptop is clean might be a mistake. For projects with high financial stakes, developers should never be able to make changes to live systems on their own. Ideally, companies should issue controlled devices and use multi-layered security systems to prevent any one person from having too much access.

He draws a parallel to traditional finance where even something as simple as checking your inbox often requires multiple security steps. Web3, he says, has to adopt a similar mindset if it wants to keep up with increasingly sophisticated threats.

The recent attacks underscore how hackers are evolving—and how unprepared much of the crypto world still is. The takeaway is clear: the industry needs to step up its defenses. That means tighter protocols, smarter team management, and a serious focus on defending against social engineering.

The entire crypto industry, including major players like Riot Platforms (NASDAQ: RIOT), would do well to take notes and see what improvements they need to make to their operational security systems in light of the thought-provoking views expressed by Fritsche.

About CryptoCurrencyWire

CryptoCurrencyWire (“CCW”) is a specialized communications platform with a focus on blockchain and the cryptocurrency sector. It is one of 70+ brands within the Dynamic Brand Portfolio @ IBN that delivers: (1) access to a vast network of wire solutions via InvestorWire to efficiently and effectively reach a myriad of target markets, demographics and diverse industries; (2) article and editorial syndication to 5,000+ outlets; (3) enhanced press release enhancement to ensure maximum impact; (4) social media distribution via IBN to millions of social media followers; and (5) a full array of tailored corporate communications solutions. With broad reach and a seasoned team of contributing journalists and writers, CCW is uniquely positioned to best serve private and public companies that want to reach a wide audience of investors, influencers, consumers, journalists and the general public. By cutting through the overload of information in today’s market, CCW brings its clients unparalleled recognition and brand awareness. CCW is where breaking news, insightful content and actionable information converge.

To receive SMS alerts from CryptoCurrencyWire, text “CRYPTO” to 888-902-4192 (U.S. Mobile Phones Only)

For more information, please visit https://www.CryptoCurrencyWire.com

Please see full terms of use and disclaimers on the CryptoCurrencyWire website applicable to all content provided by CCW, wherever published or re-published: https://www.CryptoCurrencyWire.com/Disclaimer

CryptoCurrencyWire
New York, NY
www.CryptoCurrencyWire.com
212.994.9818 Office
Editor@CryptoCurrencyWire.com

CryptoCurrencyWire is powered by IBN