Google warns Solana projects that North Korean hackers are increasingly targeting European initiatives
Shaurya Malwa | Edited by Parikshit Mishra on 2 April 2025, 9:58 UTC
A Google Cloud report released Wednesday found that North Korean “IT workers” are increasing illicit cyber activity across Europe, targeting blockchain projects.
Initiatives based on the popular Solana platform, including apps and job boards, are facing a growing number of attacks. Actors from the Democratic People’s Republic of Korea (DPRK) are posing as legitimate remote workers to infiltrate companies, take over critical systems, and steal sensitive data that will likely be sold to “fund the regime.”
The increased threat in Europe comes as a focus on North Korean-linked organizations faces indictments from the Justice Department and stricter recruitment controls in the U.S.
The report says one such worker used 12 fake identities in the US and Europe and sought work by forging references, establishing connections with recruiters and using additional identities under his control to bolster his reputation.
It’s not that the workers lack programming skills: they’ve worked on a variety of projects, including a token hosting platform using Next.js, React, and CosmosSDK, and they’ve also built an entire job exchange using Solana.
Other blockchain projects included smart contract development using Anchor and Rust. One employee even built an artificial intelligence (AI) web application using Electron, Next.js, and blockchain apps.
The main reason may be workplaces where employees are allowed to use personal devices.
“(Google Cloud) believes that IT workers identified BYOD environments as potentially fertile ground for their schemes, and in January 2025, IT workers began conducting operations against their employers in such environments,” the report states.
“Global expansion, extortion tactics, and use of virtualized infrastructure highlight the adaptive strategies employed by North Korean IT professionals.”
North Korean organizations and hacker groups are considered one of the biggest threats in the crypto ecosystem, having stolen around $1.3 billion from projects in 2024 and hacking the Bybit cryptocurrency exchange in February for $1.5 billion.
Your email address will not be published. Required fields are marked *
[…] January 2022, the number of cryptocurrencies existing in the market increased by 1 thousand. This implies that each new…
Your writing is like a breath of fresh air in the often stale world of online content. Your unique perspective…
I would like to share my story and express my great gratitude to Maria. My husband Alexander was literally taken…