Consensys outsourced code to North Korean developer
Blockchain firm Consensys temporarily suspended product releases after discovering a contractor introduced through a trusted third party was tied to North Korea, highlighting systemic supply chain risks in the digital asset sector.
First reported on Friday by Drop Site, Consensys temporarily halted product releases earlier this year after discovering a software contractor was actually a developer tied to North Korea. The individual, operating under the alias Tyler Knapp, maintained access to the blockchain company's systems for roughly a month before the deception was uncovered.
The infiltration occurred because the contractor was introduced through an existing relationship with a reputable third-party service provider. “‘Knapp’ was introduced to us through an existing relationship with a reputable third-party service provider and collaborated with Consensys as a consultant,” Consensys general counsel Matt Corva said. “He was never hired as a Consensys employee."
According to Corva, the company acted rapidly to contain the potential damage. “Very quickly after being introduced, we discovered the threat, followed our security protocols, immediately terminated any access and launched a comprehensive investigation that confirmed there was no misappropriation of assets or data, no malicious code deployed, and no impact to user safety and security,” Corva stated.
The incident underscores a persistent vulnerability for digital asset firms facing state-sponsored cyber threats. North Korean hacking groups have systematically targeted cryptocurrency companies by using fake identities to secure employment or consulting contracts. By embedding operatives within development teams, these groups aim to gain privileged access to source code, which represents a fundamental risk to the integrity of a blockchain network.
For market professionals, the Consensys event highlights the hidden operational liabilities lurking within outsourced development networks. Relying on external service providers can inadvertently introduce blind spots into corporate security perimeters, even when those providers are considered reputable. The temporary suspension of product releases demonstrates the immediate operational friction such discoveries cause.
In response to the incident, the company is moving to tighten its vulnerabilities. Corva stated that Consensys will reevaluate its practices for outsourcing engineering and development work. This shift signals to the broader industry that traditional vendor vetting may no longer be sufficient against state-backed actors specializing in elaborate employment fraud.