Former Binance CEO Changpeng Zhao (CZ) has raised fresh concerns over the growing sophistication of North Korean cyberattacks targeting the crypto industry. In a post on X, Zhao highlighted that these actors are not only creative but also patient, leveraging long-term strategies to infiltrate firms and compromise systems.
These North Korean hackers are advanced, creative and patient. I have seen/heard:
1. They pose as job candidates to try to get jobs in your company. This gives them a “foot in the door”. They especially like dev, security, finance positions.
2. They pose as employers and try to… https://t.co/axo5FF9YMV
— CZ 🔶 BNB (@cz_binance) September 18, 2025
Job recruitment as a gateway
According to Zhao, one of the primary tactics involves hackers posing as job candidates, particularly for developer, security, and finance positions. This strategy allows them to gain insider access to critical systems once employed. In other cases, they impersonate employers and lure existing employees into fake interviews. During these sessions, attackers exploit video call disruptions to send malicious “updates” or inject infected code samples under the guise of technical tests.
Zhao also pointed out that hackers have been known to pose as legitimate users seeking customer support. By embedding malicious links in support requests, attackers attempt to trick employees into downloading malware capable of taking over devices.
Insider threats and vendor vulnerabilities
Beyond direct infiltration, North Korean groups are reportedly bribing employees and contractors for access. Zhao referenced a recent incident involving a major outsourcing firm in India, where compromised vendor systems led to the leak of sensitive data from a U.S.-based crypto exchange. That breach ultimately resulted in losses of more than $400 million in user assets.
Industry experts have long warned that such attacks combine social engineering with technical exploits, making them difficult to detect until damage is already done. Zhao’s comments reinforce the urgent need for platforms to train employees on cybersecurity hygiene, implement strict hiring verification processes, and strengthen vendor risk assessments.
“Do not download unknown files, and screen candidates carefully,”
Zhao advised, urging crypto firms to remain vigilant.
CBDCs ‘outdated’ compared to stablecoins
Separately, Zhao dismissed central bank digital currencies (CBDCs) as “outdated,” arguing that stablecoins have already surpassed them in both relevance and adoption.
If you would like to read more articles like this, visit DeFi Planet and follow us on Twitter, LinkedIn, Facebook, Instagram, and CoinMarketCap Community.
Take control of your crypto portfolio with MARKETS PRO, DeFi Planet’s suite of analytics tools.”
