btc
Bitcoin (BTC)
$79,087.00 -3.94%
Bitcoin price
eth
Ethereum (ETH)
$1,511.07 -8.2%
Ethereum price
bnb
BNB (BNB)
$576.56 -0.36%
BNB price
sol
Solana (SOL)
$112.26 -4.49%
Solana price
xrp
XRP (XRP)
$1.95 -3.83%
XRP price
shib
Shiba Inu (SHIB)
$0.0000116 -1.86%
Shiba Inu price
pepe
Pepe (PEPE)
$0.0000067 -3.01%
Pepe price
bonk
Bonk (BONK)
$0.0000106 -2.82%
Bonk price
wif
dogwifhat (WIF)
$0.37 -0.53%
dogwifhat price
popcat
Popcat (POPCAT)
$0.17 0.23%
Popcat price
btc
Bitcoin (BTC)
$79,087.00 -3.94%
Bitcoin price
eth
Ethereum (ETH)
$1,511.07 -8.2%
Ethereum price
bnb
BNB (BNB)
$576.56 -0.36%
BNB price
sol
Solana (SOL)
$112.26 -4.49%
Solana price
xrp
XRP (XRP)
$1.95 -3.83%
XRP price
shib
Shiba Inu (SHIB)
$0.0000116 -1.86%
Shiba Inu price
pepe
Pepe (PEPE)
$0.0000067 -3.01%
Pepe price
bonk
Bonk (BONK)
$0.0000106 -2.82%
Bonk price
wif
dogwifhat (WIF)
$0.37 -0.53%
dogwifhat price
popcat
Popcat (POPCAT)
$0.17 0.23%
Popcat price
btc
Bitcoin (BTC)
$79,087.00 -3.94%
Bitcoin price
eth
Ethereum (ETH)
$1,511.07 -8.2%
Ethereum price
bnb
BNB (BNB)
$576.56 -0.36%
BNB price
sol
Solana (SOL)
$112.26 -4.49%
Solana price
xrp
XRP (XRP)
$1.95 -3.83%
XRP price
shib
Shiba Inu (SHIB)
$0.0000116 -1.86%
Shiba Inu price
pepe
Pepe (PEPE)
$0.0000067 -3.01%
Pepe price
bonk
Bonk (BONK)
$0.0000106 -2.82%
Bonk price
wif
dogwifhat (WIF)
$0.37 -0.53%
dogwifhat price
popcat
Popcat (POPCAT)
$0.17 0.23%
Popcat price

North Korea’s latest crypto hack reveals Web3’s security weakness: pro

Micah Zimmerman
By
Jayson Derrick
Edited by
News
North Korea’s latest crypto hack reveals Web3’s security weakness: pro

Oak Security’s Jan Philipp Fritsche says Web3 needs to stop ignoring basic OPSEC hygiene, especially as state-sponsored threats rise.

As North Korea’s “ClickFake” campaign draws renewed attention to cyberattacks on crypto firms, security experts say Web3’s biggest vulnerability isn’t smart contracts — it’s people.

Jan Philipp Fritsche, Managing Director at Oak Security, argued in a note to crypto.news that most blockchain projects lack even the most basic operational security standards

Fritsche, a former European Central Bank analyst who now advises and audits protocols says the real risk lies in how teams manage devices, permissions, and production access.

“The ClickFake campaign shows just how easily teams can be compromised,” Fritsche said in a note. “Web3 projects have to assume that most of your employees are exposed to cyber threats outside their work environment.”

You might also like: South Korean gets prison time for $2m crypto scam promising 50% returns

North Korea’s campaign

For background, North Korea’s Lazarus Group is using a cyber campaign called “ClickFake Interview” targeting cryptocurrency professionals. The group posed as recruiters on LinkedIn and X, luring victims into fake interviews to distribute malware. 

The malware, named “ClickFix,” gave attackers remote access to steal sensitive data like crypto wallet credentials. Researchers said Lazarus used realistic documents and full interview conversations to enhance credibility.

Most DAOs and early-stage teams still rely on personal devices — often used for both development and Discord chatting — which leaves them exposed to nation-state level attackers. Unlike traditional enterprises, many DAOs have no way to enforce security standards.

“There’s no way to enforce security hygiene,” Fritsche said. “Too many teams, especially smaller ones, ignore this and hope for the best.”

Fritsche says even the assumption that a device is clean may be flawed. For high-value projects, that means developers should never have the ability to push changes to production unilaterally. 

“Company-issued devices with limited privileges are a good start,” Fritsche said. “But you also need fail-safes—no single user should have that kind of control.”

The lesson from traditional finance? Every risk is assumed to be real until proven otherwise. 

“In TradFi, you need a keycard just to check your inbox,” Fritsche said. “That standard exists for a reason. Web3 needs to catch up.”

You might also like: Circle considering IPO delay due to market downturn: report

Deep Dives

Are DeFi and Layer 2 chains squeezing the juice out of Ethereum: Deep dive on the downfall of ETH
Markets
Read more - Are DeFi and Layer 2 chains squeezing the juice out of Ethereum: Deep dive on the downfall of ETH

Are DeFi and Layer 2 chains squeezing the juice out of Ethereum: Deep dive on the downfall of ETH

Ethereum ETH Ethereum
Markets surge on Trump’s tariff pause — but Bitcoin’s recovery may not hold
Markets
Read more - Markets surge on Trump’s tariff pause — but Bitcoin’s recovery may not hold

Markets surge on Trump’s tariff pause — but Bitcoin’s recovery may not hold

Bitcoin BTC Bitcoin
Is a four-year Bitcoin cycle dead?
Follow-up
Read more - Is a four-year Bitcoin cycle dead?

Is a four-year Bitcoin cycle dead?

Bitcoin BTC Bitcoin
Breaking free from the Matrix: Web3 search engine can reshape the internet’s future | Opinion
Opinion
Read more - Breaking free from the Matrix: Web3 search engine can reshape the internet’s future | Opinion

Breaking free from the Matrix: Web3 search engine can reshape the internet’s future | Opinion

No fees, more perks: why crypto exchanges want your subscription
Feature
Read more - No fees, more perks: why crypto exchanges want your subscription

No fees, more perks: why crypto exchanges want your subscription

As China hits U.S. goods with 84% tariffs, Bitcoin falls to $76K — will the Fed intervene?
Markets
Read more - As China hits U.S. goods with 84% tariffs, Bitcoin falls to $76K — will the Fed intervene?

As China hits U.S. goods with 84% tariffs, Bitcoin falls to $76K — will the Fed intervene?

Bitcoin BTC Bitcoin Ethereum ETH Ethereum
EXCLUSIVE: GOSH teams with NetIX to boost Acki Nacki blockchain speed and scale
Exclusive
Read more - EXCLUSIVE: GOSH teams with NetIX to boost Acki Nacki blockchain speed and scale

EXCLUSIVE: GOSH teams with NetIX to boost Acki Nacki blockchain speed and scale

Who controls your digital identity? Blockchain’s answer to AI avatar risks | Opinion
Opinion
Read more - Who controls your digital identity? Blockchain’s answer to AI avatar risks | Opinion

Who controls your digital identity? Blockchain’s answer to AI avatar risks | Opinion

A quiet SaaS stock just surged 840% on Solana plans — is Janover writing a new playbook?
Feature
Read more - A quiet SaaS stock just surged 840% on Solana plans — is Janover writing a new playbook?

A quiet SaaS stock just surged 840% on Solana plans — is Janover writing a new playbook?

Bitcoin BTC Bitcoin Solana SOL Solana
The Wolf of All Streets: “Michael Saylor might be one of the worst traders in modern history.” Is he serious?
Follow-up
Read more - The Wolf of All Streets: “Michael Saylor might be one of the worst traders in modern history.” Is he serious?

The Wolf of All Streets: “Michael Saylor might be one of the worst traders in modern history.” Is he serious?

Bitcoin BTC Bitcoin

Related News

Ethereum developer Virgil Griffith released early from prison 
News
Read more - Ethereum developer Virgil Griffith released early from prison 

Ethereum developer Virgil Griffith released early from prison 

Ethereum ETH Ethereum
Lazarus Group allegedly makes a profit of $2.51m from selling WBTC
News
Read more - Lazarus Group allegedly makes a profit of $2.51m from selling WBTC

Lazarus Group allegedly makes a profit of $2.51m from selling WBTC

Wrapped Bitcoin WBTC Wrapped Bitcoin Ethereum ETH Ethereum Tether USDT Tether
North Korean IT workers ramp up infiltration of tech and crypto firms across Europe
News
Read more - North Korean IT workers ramp up infiltration of tech and crypto firms across Europe

North Korean IT workers ramp up infiltration of tech and crypto firms across Europe

Bitcoin BTC Bitcoin
Advertise
Our site uses cookies and similar technologies. By using our site you consent to the use of cookies. Find additional information on how we use cookies in our Cookie Policy.