The renowned blockchain software company Consensys accidentally granted a programmer linked to the North Korean government access to part of its internal systems for approximately one month. The cybersecurity incident, first reported by Drop Site News, highlights the growing sophistication of corporate infiltration schemes targeting the cryptocurrency industry.
The developer, operating under the alias Tyler Knapp and the GitHub handle imyugioh, was hired months ago as a consultant through a trusted third-party service provider. After about a month of collaboration, monitoring teams discovered the individual’s ties to Pyongyang’s hacking groups. Consensys general counsel Matt Corva stated that the company immediately terminated access, activated cyber threat protocols, and launched a comprehensive investigation.
The internal probe confirmed no misappropriation of data or assets, no malicious code deployment, and no impact on user safety or security. Nevertheless, Consensys temporarily suspended all planned product launches while the audit took place and instructed staff to avoid contact with the consultant. The developer had worked on core MetaMask platform code, including components that connect crypto users with third-party fiat payment providers.
The incident comes amid a broader campaign by North Korean operatives using fake identities to secure remote tech jobs. TRM Labs reports that North Korea accounted for 64% of crypto stolen in 2025, with over $2.7 billion in losses. The Ketman Project, supported by the Ethereum Foundation, identified around 100 suspected North Korean IT workers across 53 Web3 projects. Consensys will now reassess its outsourcing and screening processes to prevent future breaches.