North Korean Hackers Steal $680K from Favrr
Recently, it has been reported that a group of individuals from North Korea managed to siphon $680K from the popular fan-token marketplace, Favrr. These so-called “developers” created 31 fake identities to pose as cryptocurrency developers, gaining unauthorized access to private keys and executing the theft under the guise of legitimate transactions.
The Elaborate Scheme
The North Korean operatives went to great lengths to pull off this heist. They established a network of fake IDs, LinkedIn and Upwork accounts, and even made false claims of affiliation with prominent platforms like Polygon, OpenSea, and Chainlink. Their operation included using tools such as Google Docs for task management, VPNs for anonymity, and rented PCs to avoid detection. Every financial aspect of the operation was meticulously tracked down to the last cent.
Insider Job Confirmed
ZachXBT, a reputable source, confirmed that the theft was carried out by individuals with insider access, ruling out the possibility of an external hack.
The Alarming Trend
This incident sheds light on a larger issue at hand. In 2024 alone, North Korea reportedly pilfered a staggering $1.34 billion through cyberattacks, accounting for 60% of global hacking activities. Furthermore, in February 2025, they managed to steal $1.5 billion worth of ETH from Bybit. It is estimated that around 8,400 IT professionals are involved in such fraudulent activities, funding the regime’s weapons program by posing as freelance workers.
The key takeaway from this incident is that not all threats originate from external sources; sometimes, the danger lies within the organization itself.
You’ll love this too: Solana’s Potential: 5 Ways VOOI Enhances User Experience