ZachXBT Exposes Internal Data of North Korean IT Workers, Reveals $3.5M Transactions
ZachXBT exposed internal data from North Korean IT workers today, detailing a $3.5 million crypto flow since late 2025. According to ZachXBT, the dataset came from a compromised device and includes 390 accounts, chat logs, and transaction records. The findings reveal how workers used fake identities
Blockchain investigator ZachXBT has released internal data from North Korean IT workers, exposing a cryptocurrency operation that processed $3.5 million in transactions. The dataset, obtained from a compromised device, contains information on 390 accounts along with chat logs and detailed transaction records that reveal the scope of the workers' activities.
According to ZachXBT's findings, the North Korean operatives employed fake identities and relied on weak security protocols to coordinate their cryptocurrency processing systems. The exposed data provides unprecedented insight into how these workers structured their operations and managed financial flows through digital assets.
The revelation adds to growing concerns about North Korean actors leveraging cryptocurrency networks for illicit financial activities. This exposure of internal operational data represents one of the most comprehensive looks into how state-sponsored IT workers coordinate cryptocurrency transactions, potentially providing valuable intelligence for regulatory authorities and compliance teams monitoring suspicious blockchain activity.
The compromised dataset could lead to enhanced detection methods for similar operations, as security researchers now have detailed examples of the communication patterns and transaction structures used by these networks. Industry observers will be watching for any regulatory responses or additional investigations that may emerge from this data exposure.
Source: CoinGape
