Breaking News from @ zachxbt: Since January 2025, North Korean IT workers have infiltrated multiple companies and projects by forging identities, earning over 16.58 million US dollars (approximately 2.76 million US dollars per month) in compensation for 345 to 920 positions, with a salary range of 3000 to 8000 US dollars per month. Through public information (OSINT) and blockchain tracking, it has been discovered that North Korean IT workers such as "Sandy Nguyen" are using fake identities (such as addresses in the United States or Canada) and even exposing their North Korean background in public events (such as taking photos with the North Korean flag). The payment is mainly made through cryptocurrencies such as USDC, and the funds ultimately flow to the North Korean government, involving money laundering activities and being associated with sanctioned addresses such as Hyon Sop Sim. The refusal of North Korean IT workers to meet offline, frequent changes of identity information, and operations through Russian IP have raised red flags, increasing the risk of projects being attacked (such as data ransomware). The problem is not limited to encryption projects, traditional technology companies are also affected. North Korean workers exploit remote work and talent shortages to compromise enterprise security and raise funds for North Korea's weapons program. North Korean IT workers are increasingly using US exchanges such as Coinbase, and MEXC remains a popular platform for money laundering. It is recommended that companies strengthen KYC/AML checks and blockchain monitoring to prevent such threats.