Security researcher Taylor Manonan has reported that North Korean IT workers have been infiltrating decentralized finance (DeFi) platforms for the past seven years, impacting over 40 platforms. This revelation follows a recent $280 million exploit involving the Drift Protocol, which was targeted by a North Korean group known as UNC4736. Drift Protocol described the incident as a highly coordinated social engineering operation, where attackers posed as legitimate traders and manipulated team members into interacting with malicious software. Analysts from Creator Network R3ACH noted that the notorious Lazarus group, linked to North Korea, has stolen over $7 billion in cryptocurrency since 2017, with significant attacks including the $625 million Ronin Bridge hack in 2022. The US Treasury has previously sanctioned individuals connected to North Korean IT schemes that utilized fake identities to secure remote tech jobs, generating illicit revenue for the regime. This ongoing infiltration raises serious concerns about the security of DeFi platforms and the potential funding of North Korea's nuclear weapons program through stolen cryptocurrency.