Through an introduction with a “reputable third-party service provider,“ the company took on a developer who, as part of an investigation, was revealed to be tied to North Korea.
Blockchain company Consensys accidentally used a software developer linked to North Korea who had access to some of its systems for a month.
First reported on Friday by Drop Site, Consensys earlier this year took on a software developer under the alias Tyler Knapp who was later discovered to have ties to the Democratic People’s Republic of Korea, or North Korea. The move caused the company to temporarily suspend product releases and conduct an investigation into the matter
“‘Knapp’ was introduced to us through an existing relationship with a reputable third-party service provider and collaborated with Consensys as a consultant,” Consensys general counsel Matt Corva stold Cointelegraph. “He was never hired as a Consensys employee. Very quickly after being introduced, we discovered the threat, followed our security protocols, immediately terminated any access and launched a comprehensive investigation that confirmed there was no misappropriation of assets or data, no malicious code deployed, and no impact to user safety and security.”
The incident was one of the latest involving North Korean hacking groups targeting digital asset companies by sending fake employment offers to developers and applying for jobs that would allow them to access code. Corva said Consensys will reevaluate its practices for outsourcing engineering and development work.
Facts Only
* Consensys engaged a software developer under the alias Tyler Knapp.
* The introduction was made via an existing relationship with a reputable third-party service provider.
* Tyler Knapp was later discovered to have ties to the Democratic People’s Republic of Korea, or North Korea.
* Knapp had access to some of Consensys's systems for one month.
* Consensys temporarily suspended product releases and began an investigation after the discovery.
* The investigation confirmed no misappropriation of assets, no malicious code deployment, and no impact on user safety or security.
* Consensys will reevaluate its practices for outsourcing engineering and development work.
Executive Summary
Full Take
Sentinel — Human
The text reads like standard investigative reporting, effectively presenting an event, citing sources, and including direct organizational responses, suggesting human editorial oversight.
