Buy Crypto
Pay with
USD
USD
Buy & Sell
Hot
Supports Visa, MasterCard, SEPA & more
P2P
0 Fees
Flexible trading, zero fees
Gate Card
Use your crypto for payments worldwide
Markets
Trade
Basic
Advanced
Futures
Futures
Access hundreds of perpetual contracts
TradFi
Gold
One platform for global traditional assets
Options
Hot
Trade European-style vanilla options
Unified Account
Maximize your capital efficiency
Demo Trading
Introduction to Futures Trading
Learn the basics of futures trading
Futures Events
Join events to earn rewards
Demo Trading
Use virtual funds to practice risk-free trading
Earn
Launch
CandyDrop
Collect candies to earn airdrops
Launchpool
Quick staking, earn potential new tokens
HODLer Airdrop
Hold GT and get massive airdrops for free
Pre-IPOs
tag
Unlock full access to global stock IPOs
Alpha Points
Trade on-chain assets and earn airdrops
Futures Points
Earn futures points and claim airdrop rewards
Investment
Square
Square
Post, share, and explore crypto trends
Live
moments live
Live crypto market analysis
Chat
Chat with crypto traders
News
What is happening in crypto
flower_head
More
Promotions
AI
Diğerleri
TradFi
WCTC S8
Rewards
Square
Latest
Hot
News
Profile
CryptoSat

Major Security Alert in Web3 🚨


An Ethereum Foundation-funded project (Ketman) has uncovered ~100 North Korean (DPRK) IT workers who infiltrated Web3 companies using fake identities.
Over a 6-month investigation, they identified these operatives across ~53 crypto projects and alerted the affected teams.
Many were operating through polished GitHub organizations to win contracts and launder reputation.
A serious reminder: insider threats and fake remote developers remain a real risk in crypto hiring.
post-image
This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.
  • Reward
  • 13
  • 8
  • Share
Comment
Add a comment
Add a comment
VinylRecordStaking
· 5h ago
Ridiculous... Hiring really needs to be twice as cautious.
View OriginalReply0
ArbitrageIsn'tAsGoodAsGetting
· 6h ago
Remote development is really a high-risk area now, especially the internal threats after gaining access permissions.
View OriginalReply0
PatchNotes
· 6h ago
The more polished your GitHub organization looks, the more background verification is required.
View OriginalReply0
GateUser-6319729f
· 6h ago
The team that is already hiring, quickly review again: there are clues in the submission history, device fingerprint, and payment path.
View OriginalReply0
PineNeedlesAndColdWind
· 6h ago
It is best to use isolated environments for outsourcing/probation periods, with mandatory security audits and double reviews before code merges into the main branch.
View OriginalReply0
GateUser-ecded933
· 6h ago
53 projects have been compromised, indicating that the industry's risk control is generally too lax.
View OriginalReply0
On-ChainCheatSheetKing
· 6h ago
GitHub links, resumes, and referees may all be nested, so don't blindly trust the "look very official."
View OriginalReply0
PaperhandsPoet
· 6h ago
This reminds me: Overemphasizing algorithm questions in interviews is useless; the key is access control and supply chain security.
View OriginalReply0
MossyLedger
· 6h ago
Even if not DPRK, remote development with fake identities can still embed backdoors; security must be regarded as a core cost.
View OriginalReply0
ExitLiquidityBuddy
· 6h ago
I hope Ketman will open-source the detection metrics and methodology, as the industry needs reusable troubleshooting checklists.
View OriginalReply0
View More

  • Pin

Sitemap