People Security, Pillar 01
Every new developer, contractor, and contributor you onboard is a potential entry point into your protocol. In an industry where nation-state actors are actively submitting CVs to crypto teams, a secure hiring process is not a nice-to-have; it is a critical security control.
Web3 hiring is structurally different from traditional tech recruitment. Teams are distributed globally, contributors frequently operate under pseudonyms, referral-based hiring is the norm, and the speed of crypto development culture often compresses the time available for due diligence. These factors combine to create a hiring pipeline that sophisticated threat actors have learned to exploit systematically.
Our managed cybersecurity services for hiring security provide the identity verification, OSINT research, and secure onboarding frameworks that Web3 teams need but rarely have. We work as a specialist cybersecurity consultancy layer on top of your existing hiring process, advising, vetting, and building the procedures that keep adversaries out before they are ever given access to your codebase, your keys, or your team.
Work is delivered through our internal consultancy team and a curated network of specialist partner firms, rigorously vetted for technical depth and professional integrity in the Web3 space.
The Scale of the Problem
“The FBI estimates that North Korea has thousands of trained IT workers currently embedded in technology companies worldwide, including crypto projects, generating revenue for the regime and maintaining persistent access for future operations. They use AI-generated profile photos, borrowed identities, and a network of facilitators to pass standard hiring checks.”
The Referral Trap
“In the CoinsPaid breach, DPRK’s TraderTraitor group spent six months building relationships with company employees via LinkedIn before the attack activated. The initial contact came through plausible professional outreach, not cold spam. Once one employee had engaged, the attacker had a foot in the door. Web3 teams that rely on referrals from trusted contacts face the same risk: a DPRK operator who has successfully infiltrated a peripheral community member can generate warm introductions that carry unearned trust into higher-value targets.”
A cybersecurity specialist reviewing your hiring pipeline costs a fraction of what a single compromised hire can drain. Developer identity vetting is the security control with the highest ROI in Web3 right now, and the one most teams have not yet implemented.
Know What to Look For
These are the indicators our cybersecurity consulting team looks for when reviewing candidates and existing contributors. None are definitive alone, but each warrants scrutiny, and several together demand investigation.
Mismatches between stated location, timezone, working hours, and language proficiency. Profile photos that a reverse image search traces to AI generation tools. GitHub activity patterns inconsistent with claimed experience.
Recently created accounts with suspiciously complete-looking histories. Commit activity that appears bulk-generated. Professional networks with no verifiable connections to claimed past employers or projects.
Candidates who push for elevated access or sensitive repository permissions early in an engagement. Interest in treasury, key management, or deployment processes beyond what their role requires.
A warm introduction from someone who is themselves a recent or loosely-connected addition to your network. Referrers who cannot speak in detail about the candidate beyond their technical output.
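Two of the indicators above, timezone mismatches and bulk-generated commit activity, can be screened from commit metadata. The following is an added example, not part of the original page or any vendor tooling: the log lines are constructed, the claimed offset of UTC-5 is hypothetical, and the waking-hours range and burst thresholds are assumptions to tune per team.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample in the shape of `git log --format='%an|%aI'` (author, ISO author date).
SAMPLE_LOG = """\
dev-a|2024-03-04T10:15:00-05:00
dev-a|2024-03-05T09:40:00+09:00
dev-a|2024-03-06T11:05:00+09:00
dev-a|2024-03-07T16:30:00+09:00
dev-a|2024-03-08T14:00:00+09:00
dev-a|2024-03-08T14:01:00+09:00
dev-a|2024-03-08T14:02:00+09:00
dev-a|2024-03-08T14:03:00+09:00
dev-a|2024-03-08T14:04:00+09:00
"""

def parse(log):
    """Author dates as aware datetimes; the offset is whatever the committing machine recorded."""
    return [datetime.fromisoformat(l.split("|", 1)[1]) for l in log.strip().splitlines()]

def offset_mismatch(stamps, claimed_offset_h):
    """Fraction of commits whose recorded UTC offset differs from the claimed one."""
    claimed = timedelta(hours=claimed_offset_h)
    return sum(s.utcoffset() != claimed for s in stamps) / len(stamps)

def off_hours_share(stamps, claimed_offset_h, day_start=7, day_end=23):
    """Fraction of commits outside assumed waking hours in the claimed timezone."""
    tz = timezone(timedelta(hours=claimed_offset_h))
    return sum(not day_start <= s.astimezone(tz).hour < day_end for s in stamps) / len(stamps)

def bulk_bursts(stamps, window=timedelta(minutes=10), min_commits=5):
    """Start times of windows holding at least min_commits commits."""
    ordered, bursts, i = sorted(stamps), [], 0
    while i < len(ordered):
        j = i
        while j + 1 < len(ordered) and ordered[j + 1] - ordered[i] <= window:
            j += 1
        if j - i + 1 >= min_commits:
            bursts.append(ordered[i])
            i = j + 1
        else:
            i += 1
    return bursts

if __name__ == "__main__":
    stamps = parse(SAMPLE_LOG)
    # Author dates are self-reported and can be rewritten, so treat results as leads to verify.
    print(f"offset mismatch: {offset_mismatch(stamps, -5):.2f}")
    print(f"off-hours share: {off_hours_share(stamps, -5):.2f}")
    print("bursts:", [b.isoformat() for b in bulk_bursts(stamps)])
```

As the page says of the indicators themselves, a high score here is not definitive alone; legitimate travel, rebases, and squashed imports produce the same patterns.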