The Ethereum Foundation-funded Ketman Project has outed roughly 100 North Korean IT workers masquerading as Web3 developers, according to an ETH Rangers Program report. Turns out, the DPRK’s idea of a “freelance platform” is just a fancy way to say “fake Japanese profiles and bad Zoom calls.”
This six-month mission, funded by Ethereum’s ETH Rangers Program, was less about saving the world and more about sifting through GitHub profiles like a particularly suspicious Tinder user. Their goal? Rooting out DPRK operatives who’d decided Web3 was the perfect place to hide in plain sight.
How North Koreans Used AI, Bad Japanese, and a Headset
A Ketman investigation revealed DPRK-linked hackers posing as Japanese devs on OnlyDust, a Web3 freelance site. Because nothing says “trust me” like an AI-generated profile pic and a name like “Hiroto Iwaki” that sounds suspiciously like it was Googled from a list of “Japanese names that aren’t actually Japanese.”
They even submitted forged ID documents during verification. Classic move, except when you’re asked to speak Japanese in a video call, you panic like you’ve just been caught watching Netflix in the wrong language-headset off, call dropped, dignity shattered.
Investigators tracked three clusters of actors across 11 repositories, where 62 pull requests were merged before someone thought to ask, “Wait, does anyone here actually speak Japanese?”
Open-Source Tools and a Framework for the Ages
Ketman didn’t just catch hackers; they also gave us gh-fake-analyzer, an open-source GitHub profile analysis tool now on PyPI. Because who doesn’t want to play detective in their pajamas?
The project also co-authored the DPRK IT Workers Framework with SEAL, which is now the industry’s go-to guide for spotting hackers who can’t code in Japanese but somehow got past KYC.
The ETH Rangers Program, launched in late 2024 with Secureum, The Red Guild, and SEAL, funded 17 stipend recipients. Together, they recovered over $5.8 million, found 785 vulnerabilities, and handled 36 incident responses. Not bad for a bunch of people who probably still can’t tell a DevOps from a deviled egg.
North Korea’s crypto heists have netted billions, but let’s be real-their biggest skill is still making you question every GitHub profile that says “Loves cats and blockchain.”
Read More
- Brent Oil Forecast
- Gold Rate Forecast
- Silver Rate Forecast
- Stablecoins: The New Corporate Opium or Financial Revolution?
- Bitcoin Surges as Iran Ceasefire News Shakes Oil Markets!
- Avalanche’s Grand Waltz: Blockdaemon’s Staking Soiree for the Suits
- French Artist Blames Government For Surge In Crypto Wrench Attacks
- XRP’s Desperate Dance with Bitcoin: A Tragicomedy in Three Acts
- You Won’t Believe Which Cryptos CME Just Threw Into the Mix!
- Grayscale’s TAO Gambit: ETF Dreams or Crypto Absurdity?
2026-04-19 14:12