"North Korean Hacking Sophistication...Serious Threat to South Korean Virtual Asset Industry" [Road Interview in HK]

Kang Li, Chief Security Officer (CSO) of CertiK. Hong Kong=Lee Jun-hyung

"North Korean hacker groups' cyber attacks have emerged as a serious and realistic threat to the virtual asset industry."

Kang Li, Chief Security Officer (CSO) of CertiK, made this statement during a meeting with BloomingBit at 'Consensus Hong Kong 2025' held at the Hong Kong Convention Center (HKCEC) on the 20th (local time). CertiK is a Web3 security company established in 2018 by professors from Yale and Columbia Universities. It provides security services to over 4,900 Web3 companies, including global virtual asset exchange Binance, TON, and Aptos. As of last year, CertiK's global Web3 security market share reached 45%.

CSO Kang Li pointed out that North Korean hacking is steadily becoming more sophisticated. "As the Web3 industry grows, North Korean hacker groups' attack methods have evolved," said CSO Kang Li. "While they previously demanded ransoms in virtual assets like Bitcoin (BTC) through ransomware attacks, they have now shifted to directly targeting Web3 projects, Decentralized Finance (DeFi) platforms, and exchanges."

Web3 startups are particularly vulnerable to North Korean hacking. CSO Kang Li explained, "North Korean hackers utilize various techniques including social engineering, phishing, vulnerability exploitation, and internal infiltration," adding that "these sophisticated attacks are very difficult to detect and respond to." He noted, "While North Korean hackers possess abundant resources and expertise, most Web3 startups lack the technical capabilities and financial resources to build strong defense systems. This asymmetric environment has become a key factor threatening the security of the cryptocurrency industry."

CSO Kang Li identified 'phishing attacks' as a key security issue. "Total losses in the Web3 security sector last year amounted to $2.36 billion (approximately 3.4 trillion won)," said CSO Kang Li, "with phishing attacks accounting for the largest portion." He continued, "Hackers use phishing techniques to induce victims to leak sensitive information such as passwords, private keys, and wallet addresses," adding that "sophisticated attacks using cross-chain protocol vulnerabilities and artificial intelligence (AI) will also become important security challenges in the future."

There was also advice for the Korean virtual asset industry. CSO Kang Li stated, "Korean blockchain companies must prioritize strengthening code security," explaining that "exploiting vulnerable code is the most efficient and profitable attack method for hackers." He added, "There is no perfect solution for security," and that "security is an endless process that requires maintaining constant vigilance and adapting to changes."

He also emphasized CertiK's vision. CSO Kang Li said, "CertiK will further develop formal verification technology and continue to explore advanced technology areas such as Zero-Knowledge Proof (ZKP)," adding that "we plan to contribute to establishing a regulatory framework for the (Web3) industry by strengthening cooperation with regulatory authorities." He concluded, "We will expand security education and enhance defense capabilities using tools like 'Skynet Quest'," stating that "our long-term goal is to build a safe, transparent, and sustainable Web3 ecosystem through these efforts."