Consensys Hires Fake "Tyler Knapp," Discovers Knapp Was Actually Pyongyang's Problem 🕵️
Back to feed

Consensys Hires Fake "Tyler Knapp," Discovers Knapp Was Actually Pyongyang's Problem 🕵️

Consensys, the blockchain software company behind the MetaMask wallet used by more than 30 million people each month, unknowingly granted a month of system access earlier this year to a developer later tied to North Korea. The contractor operated under the alias Tyler Knapp and contributed code to Consensys between March 9 and April, including changes touching core wallet functions that move money between crypto and cash, according to reporting by Drop Site News and Cointelegraph.

Consensys general counsel Matt Corva said the developer was brought on as a consultant through an existing third-party service provider and was never a Consensys employee. "Very quickly after being introduced, we discovered the threat, followed our security protocols, immediately terminated any access and launched a comprehensive investigation that confirmed there was no misappropriation of assets or data, no malicious code deployed, and no impact to user safety and security," Corva told Cointelegraph. The same investigation prompted Consensys to temporarily suspend product releases in April and to alert staff and law enforcement.

The episode fits a broader pattern intelligence researchers have flagged. TRM Labs says developer hiring pipelines have become the fastest route into a crypto firm's signing systems, allowing attackers to reach the infrastructure that approves withdrawals. North Korean IT workers have repeatedly posed as remote engineers, using fake profiles and recruiter outreach to land jobs at digital-asset companies. One Ethereum-funded investigation recently identified roughly 100 suspected North Korean IT workers across 53 crypto projects.

The scale of the threat has grown sharply. The FBI has linked North Korean hackers to the theft of $1.5 billion from the Bybit exchange last year, and TRM Labs has attributed more than half of the $2.7 billion lost to crypto hacks in 2025 to actors associated with the country. U.S. courts have jailed American facilitators accused of helping North Korean workers pose as domestic hires.

Corva said Consensys is reevaluating its practices for outsourcing engineering and development work. The company did not name the third-party service provider that introduced the contractor or disclose additional details about the GitHub handle associated with the account.

Share:
Publishercryptonewsroom.xyz
Published
CategorySecurity

Disclaimer: This content is for information and entertainment purposes only. It does not constitute financial, investment, legal, or tax advice. Always do your own research and consult with qualified professionals before making any financial decisions.

See our Terms of Service, Privacy Policy, and Editorial Policy.