Coinbase CEO Brian Armstrong has announced radical changes to the exchange's operating policy following confirmed attempts by North Korean IT workers to infiltrate the company. The crypto exchange, previously known for its "remote-first" policy, is now mandating that all employees attend in-person orientation in the United States and requiring US citizenship with fingerprint verification for workers accessing sensitive systems.
The FBI issued a warning last month about North Korean IT workers generating revenue for the regime by working with US companies through fake job applications, computer redirections, and front companies. Armstrong revealed that these actors exploited Coinbase's remote work flexibility, attempting to gain access to sensitive systems. The CEO also disclosed attempted bribery within the company, with individuals offering hundreds of thousands of dollars to customer service representatives.
Coinbase's new security measures include requiring candidates to turn on cameras during recruitment to prevent "AI-assisted fake interviews" and establishing a new support center in Charlotte, North Carolina. However, the citizenship requirement for certain roles may violate federal anti-discrimination laws under the Immigration Reform and Control Act of 1986, which prohibits employment discrimination based on citizenship status.
Industry experts question whether the threat justifies such drastic measures, noting that North Korean infiltrators often use obviously fake credentials (such as the name "Clark Pickles") and target companies with weak hiring practices. Some speculate the policy changes may be an overreaction or pretext for measures the company wanted to implement anyway, particularly given Coinbase's ties to the Trump administration and its "America First" agenda.