A Shadowy Secret: Intelligence Infiltration of Web3 Projects
While the aim of our due diligence process is to assess risk and provide advisory services, it can also lead to interesting discoveries on off-chain happenings. CertiK recently uncovered indications that Iranian intelligence operatives could be actively attempting to infiltrate some crypto projects early in their development phase. In this article, our team of former law enforcement investigators and intelligence analysts share their findings and give their expert takeaways on how to preserve the integrity of the Web3 industry.
How a Due Diligence Investigation Stumbled Upon an Undercover Government Operation
CertiK is a Web3 cybersecurity company that provides a wide array of security, research and due diligence services. As part of our advisory service, CertiK conducts in-depth Web3 security investigations and technical assessments on behalf of institutional investors, Fortune 500 companies, and crypto exchanges. While conducting an assessment for a specific Web3 project, CertiK investigators detected that some of the core developers were actively concealing their existence from us. Once discovered, the stealth development team eventually agreed to give us more information about their motive for hiding. In doing so, they told us a story with ramifications for everyone in crypto.
According to the project’s lead developer, soon after he launched his Web3 project in his home country of Iran, he was summoned to the local Islamic Revolutionary Guard Corps offices. Once on site, intelligence agents began by asking him to “cooperate” with them. The developer was reluctant to compromise the integrity of his project by giving up any degree of control without informing the community of such a measure. Unsurprisingly, the Revolutionary Guards were not impressed. They quickly progressed from firm requests to aggressive manipulation techniques. They held the developer for multiple weeks in solitary confinement in a room that measured just 2x1 meters: barely enough room to lie down. They combined this with a variety of persuasion techniques, aggressive interrogation, and threats.
The developer explained to us that it was very difficult for him to endure this mental torture over such an extended time period. While he was undergoing this, the intelligence operatives wanted him to keep working on his Web3 venture to maintain the facade that everything was going well while they retained ultimate control over the project.
After finally convincing the operatives that he was sufficiently “broken” and would continue to cooperate, they allowed him to return home. Instead of complying, the developer leveraged the resources of his network and on-chain assets to flee the country, obtain a new nationality, and start another Web3 project with other developers who fled the country for similar reasons. The developer explained that because of this defection, he could not return to Iran, and his team was now working in stealth mode in order to avoid potential extraterritorial retaliation.
A Credible Threat to Web3
According to our investigators, who have participated in multiple international undercover operations during their time in law enforcement, there is credibility to these reports. We also discovered a trend of several other developers working in stealth mode behind other Web3 projects due to similar concerns. These intelligence and investigative observations suggest there could be a systematic effort on the part of some intelligence services to infiltrate the crypto industry by targeting specific developers.
Our investigators noted the source’s claims were consistent with how unilateral undercover operations can be conducted by state actors to advance their national interests. In certain countries (including some that do not have a reputation for having a “repressive regime” like Iran) threatening to prosecute a software developer unless they become an active informant or agent is a common practice. Operatives call this the “flipping” tactic, as it consists of converting a potential adversary into a confidential informant. Our investigators added that these undercover operations are especially focused on encryption specialists, because the control of encryption-related technologies and applications is key to national security and sovereignty.
These findings suggest a fundamental risk for a number of people involved in crypto and Web3. In the short term, some software developers may face legitimate risks to their personal security. In the long run, once a state organization secretly gains control of a crypto project, they could use their leverage to access confidential data, insert intentional zero-day vulnerabilities, distribute malware, mobile backdoors, and use these integrated systems to conduct surveillance, censorship, extortion, or cause significant damage to specific targets in the future.
Preserving Web3 Integrity
It does not come as a surprise that state agencies are specifically targeting Web3 projects and attempting to infiltrate them. As new blockchain applications continue to gain adoption, they have become strategic targets for geopolitical influence and intelligence operations.
Web3 developers should consider the legal protections and potential risks they may face in the jurisdiction where they operate, particularly from state agencies and institutions.
From a cybersecurity standpoint, it is crucial for the Web3 industry to raise its standard for due diligence and risk management to preserve the integrity of the industry. The hidden risks associated with Web3 projects can have severe consequences for the security of individuals and organizations involved in or with these projects, including operational, reputational, and legal damage.
The anonymity and pseudonymity inherent to crypto is important to protect the security of users and developers worldwide. However, these features can also be exploited by repeat scammers to evade responsibility for their actions. A balance between privacy and transparency is crucial. CertiK’s KYC process keeps private information private while allowing teams to demonstrate their commitment to transparency.
We recommend that organizations seeking to engage with Web3 projects deploy due diligence efforts proportional to the cyber risks at stake. A comprehensive risk assessment can help organizations to detect potential issues and take appropriate measures to mitigate them. The CertiK expert advisory team is composed of 250+ seasoned security engineers, data scientists, intelligence analysts, and criminal investigators, and has acquired a unique expertise in working with over 3,700 Web3 projects on security matters over a five-year period. Not only is this team able to conduct in-depth risk assessments of Web3 projects or ecosystems, but they are also able to recommend and deploy ad-hoc cybersecurity measures, such as tailored technical audits, on-chain monitoring, penetration testing, bug bounty programs, and cyber-incident management programs.
CertK Editor’s note: Due to concerns for the safety of our sources, some details have been intentionally modified and the report has been redacted of any detail that could lead to the identification of the alleged victims or their location. As part of our core mission to secure the Web3 world, CertiK is regularly contacted by victims of crypto crimes, and provides investigation reports to law enforcement authorities in order to support their effort to prosecute criminal operators.
This is a guest post from CertiK originally published here.
Listen to the Twitter Space interview with Shana, a CertiK investigator on the research team behind the article.
What is CertiK:
CertiK is a blockchain security firm that helps projects identify and eliminate security vulnerabilities in blockchains, smart contracts, and Web3 applications using its services, products, and cybersecurity techniques.
Where to find CertiK:
This is a paid press release, BSC.News does not endorse and is not responsible for or liable for any content, accuracy, quality, advertising, products, or other materials on this page. The project team has purchased this advertisement article for $1500. Readers should do their own research before taking any actions related to the company. BSC.News is not responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods, or services mentioned in the press release.
This is a paid press release, BSC.News does not endorse and is not responsible for or liable for any content, accuracy, quality, advertising, products, or other materials on this page. The project team has purchased this advertisement article for $2500. Readers should do their own research before taking any actions related to the company. BSC.News is not responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods, or services mentioned in the press release.
Author
Related News
Binance Executive Tigran Gambaryan Sues Nigeria's NSA and EFCC
The lawsuit reflects escalating tensions amidst allegations of innocence and regulatory scrutiny surrounding Binance Nigeria's alleged involvement in illicit financial activities.
The detained executive of Binance, Mr. Tigran Gambaryan, has taken legal action against Nigeria's National Security Adviser (NSA) Nuhu Ribadu, and the Economic and Financial Crimes Commission (EFCC).
Gambaryan, along with the firm's Africa Regional Manager, Mr. Nadeem Anjarwalla, filed a fundamental human rights violation suit amidst ongoing legal turmoil.
Gambaryan's legal challenge, initiated alongside his lawyer Mr. Olujoke Aliyu, aims to address his prolonged detention by the federal government. The suit, presented before Justice Inyang Ekwo of the Federal High Court in Abuja, challenges the legality of Gambaryan's continued confinement and the seizure of his international travel passport.
Gambaryan, a US citizen overseeing financial crime compliance at Binance, contends that his detention and passport seizure violates Section 35 (1) and (4) of Nigeria's 1999 Constitution. His legal team seeks various reliefs, including his release from custody, the return of his passport, a public apology from the NSA and EFCC, and an injunction against future investigations.
Allegations of Innocence Amidst Legal Turmoil
Gambaryan and his colleague's legal representatives maintain their innocence, claiming that the arrests occurred during discussions with Nigerian authorities regarding legal conflicts involving Binance.
In a dramatic turn of events, Binance's African regional manager, Nadeem Anjarwalla, recently fled Nigerian custody. Anjarwalla's escape follows mounting tensions surrounding the Nigerian authorities' investigation into alleged illicit financial activities involving Binance Nigeria, totaling a staggering $26 billion.
This is a paid press release, BSC.News does not endorse and is not responsible for or liable for any content, accuracy, quality, advertising, products, or other materials on this page. The project team has purchased this advertisement article for $1500. Readers should do their own research before taking any actions related to the company. BSC.News is not responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods, or services mentioned in the press release.
This is a paid press release, BSC.News does not endorse and is not responsible for or liable for any content, accuracy, quality, advertising, products, or other materials on this page. The project team has purchased this advertisement article for $2500. Readers should do their own research before taking any actions related to the company. BSC.News is not responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods, or services mentioned in the press release.
Follow us on Twitter and Instagram!
If you need tools and strategies regarding safety and crypto education, be sure to check out the Tutorials, cryptonomics explainers, and Trading Tool Kits from BSC News.
Looking for a job in crypto? Check out the CryptoJobsNow listings!
Author
Try Now!
Sign up Now
Coming Soon
WIN BIG
Coming Soon
Start Earning Today!
Earn Now
Coming Soon
Sign Up Now
Play & Mine!
Coming Soon
Editors Choice
Other Currencies
- nameLTBuyLitecoin
Sponsored
Buy Crypto with Fees as low as 0%
Buy Crypto with a bank transfer, credit or debit card, P2P exchange, and more. Not investment advice. All trading risk. Terms apply.
£0£0+0% - nameLTBuyEOS
Sponsored
Buy Crypto with Fees as low as 0%
Buy Crypto with a bank transfer, credit or debit card, P2P exchange, and more. Not investment advice. All trading risk. Terms apply.
£0£0+0% - nameLTBuyMonero
Sponsored
Buy Crypto with Fees as low as 0%
Buy Crypto with a bank transfer, credit or debit card, P2P exchange, and more. Not investment advice. All trading risk. Terms apply.
£0£0+0% - nameLTBuyBitcoin Cash
Sponsored
Buy Crypto with Fees as low as 0%
Buy Crypto with a bank transfer, credit or debit card, P2P exchange, and more. Not investment advice. All trading risk. Terms apply.
£0£0+0%