HomeMarket News

ConsenSys Removes Suspected North Korean Developer From MetaMask Project

ConsenSys Removes Suspected North Korean Developer From MetaMask Project

  • ConsenSys removed a software developer after identifying suspected links to a North Korean operation during an internal security review.
  • According to Crypto Briefing, the company found no evidence of malicious code, stolen assets, compromised data, or affected MetaMask users.
  • The incident has prompted ConsenSys to strengthen hiring standards for third-party engineering partners and notify law enforcement.\

 


ConsenSys has removed a software developer from the MetaMask project after identifying suspected links to a North Korean operation. According to Crypto Briefing, the contractor accessed parts of MetaMask’s core code through a third-party service provider before the company detected the security risk and launched an internal investigation.


The developer reportedly worked under the alias “Tyler Knapp” and used the GitHub username “imyugioh.” Public GitHub records showed contributions to MetaMask platform code, including features connecting cryptocurrency users with third-party fiat payment providers.


The consultant began contributing code on March 9 and remained within the company’s systems for about one month. However, ConsenSys revoked the individual’s access in April after identifying the potential threat. Moreover, the company immediately paused product releases while investigators reviewed the developer’s activity.


Matt Corva, General Counsel at ConsenSys, explained that the contractor joined the company through an existing relationship with a reputable external service provider. Additionally, employees received instructions not to communicate with the individual while the investigation remained active.


Also Read: Strategy Still Needs Clear Bitcoin Buy and Sell Rules, CryptoQuant Says


Investigation Found No Evidence of User Impact

According to Crypto Briefing, investigators examined the developer’s code contributions and internal system activity to determine whether any security breach had occurred. Consequently, the company found no evidence that malicious code entered MetaMask or that customer assets and sensitive information were compromised.


ConsenSys also reported no indication that the developer extracted proprietary data or affected user security. Besides notifying law enforcement, the company completed an internal review to assess the scope of the contractor’s access and determine whether additional safeguards were necessary.


The company did not disclose how it concluded that the developer was connected to North Korea. Nevertheless, it stated that its existing security controls successfully detected the suspected threat before users experienced any impact.


Third-Party Hiring Practices Face Greater Scrutiny

The incident has prompted ConsenSys to strengthen oversight of contractors hired through external providers. Moreover, the company plans to apply the same screening standards used for direct employees across more complex third-party engineering relationships.


North Korean operatives have repeatedly secured remote software positions at technology companies by using fabricated identities. These operations can generate revenue for the North Korean government while providing access to proprietary software, corporate infrastructure, and sensitive business information.


According to Crypto Briefing, TRM Labs estimated that North Korea-linked groups accounted for approximately 66% of cryptocurrency stolen during the first half of 2026. The report valued those thefts at roughly $643 million, highlighting the growing cybersecurity risks facing the digital asset industry.


Conclusion

ConsenSys maintains that its security systems detected the suspected threat before any harm reached MetaMask users. The company has since expanded its review of third-party hiring practices while reinforcing contractor verification procedures to reduce similar risks in the future.


Also Read: Bank of America Expands Digital Assets Team With New Executive Leadership