Allegations of North Korean Involvement Rock Cosmos Ecosystem

Allegations of North Korean Involvement Rock Cosmos Ecosystem

In an unsettling revelation, Jacob Gadikian, a developer within the Cosmos ecosystem, disclosed on X that North Korean programmers might have been involved in the development of Cosmos’ Liquid Staking Module (LSM). Highlighted in an on-chain investigation, these allegations have not only drawn the attention of the crypto community but also the scrutiny of the FBI in 2023. Gadikian clarified that the issue is not about the developers’ origin but their potential ties to known cybercrime activities, describing them as “the world’s most skilled and prolific crypto thieves.”

Reacting to these serious claims, Ethan Buchman, the co-founder of Cosmos, took to X to address the community’s concerns. He acknowledged that the Cosmos team was previously unaware of the LSM’s potentially compromised development lineage. Buchman detailed the immediate steps being taken, including rapid security audits and plans to lessen or eliminate reliance on the LSM to safeguard the ecosystem.

Security Fears Sparked by Alleged Involvement

Melody Chan, the research lead at Redecentralise, voiced concerns over potential hidden vulnerabilities that could stem from this development, such as covert backdoors. The urgency for thorough code audits is a direct response to these risks, amplified by the recent FBI warnings regarding the security of blockchain projects with possible North Korean integrations.

The infamous Lazarus Group, linked to the North Korean government, is well-known for its extensive history of cryptocurrency theft, including the high-profile $600 million Ronin bridge heist. While the association between the LSM developers and the Lazarus Group remains speculative, the potential implications of such a connection are alarming. Anndy Lian, a blockchain intergovernmental expert, emphasized the need for caution, pointing out that confirmed links to North Korean state operations could reveal serious security flaws within the LSM.

Informal Systems, a core Cosmos contributor, has announced a robust response plan, starting with two comprehensive audits by OtterSec and Binary Builders, and another by Zellic. These audits aim to identify and mitigate any security vulnerabilities promptly. Additionally, a strategic move towards a “phased removal” of the LSM is under discussion, proposing a transition to a more secure and efficient framework that better supports the needs of validators and voters within the Cosmos governance structure.

Community Engagement and Governance

The proposed governance changes involve a community vote on the LSM’s fate, suggesting a grace period for stakeholders to adjust before a complete transition. This process underscores the community’s role in shaping Cosmos’ security protocols and governance models, ensuring that the ecosystem remains resilient against threats and maintains its integrity.

As the Cosmos community confronts these allegations, the outcomes of the upcoming audits and governance decisions will critically influence the ecosystem’s future trajectory. The proactive steps taken by Cosmos leaders and contributors demonstrate a commitment to transparency and security, aiming to restore and enhance trust among users and investors in a landscape marked by increasing cybersecurity challenges.

 

Source: https://digitalmarketreports.com/news/28267/allegations-of-north-korean-involvement-rock-cosmos-ecosystem/

Anndy Lian is an early blockchain adopter and experienced serial entrepreneur who is known for his work in the government sector. He is a best selling book author- “NFT: From Zero to Hero” and “Blockchain Revolution 2030”.

Currently, he is appointed as the Chief Digital Advisor at Mongolia Productivity Organization, championing national digitization. Prior to his current appointments, he was the Chairman of BigONE Exchange, a global top 30 ranked crypto spot exchange and was also the Advisory Board Member for Hyundai DAC, the blockchain arm of South Korea’s largest car manufacturer Hyundai Motor Group. Lian played a pivotal role as the Blockchain Advisor for Asian Productivity Organisation (APO), an intergovernmental organization committed to improving productivity in the Asia-Pacific region.

An avid supporter of incubating start-ups, Anndy has also been a private investor for the past eight years. With a growth investment mindset, Anndy strategically demonstrates this in the companies he chooses to be involved with. He believes that what he is doing through blockchain technology currently will revolutionise and redefine traditional businesses. He also believes that the blockchain industry has to be “redecentralised”.

j j j

Cosmos ecosystem rocked by North Korean developer allegations

Cosmos ecosystem rocked by North Korean developer allegations

A newly released onchain investigation alleges that part of the Cosmos ecosystem may have been developed by North Korean agents and attracted the FBI’s attention in 2023.

Part of Cosmos’ Liquid Staking Module (LSM) may have been built by North Korean developers, according to Cosmos ecosystem developer Jacob Gadikian, who shared the investigation in an Oct. 16 X post:

“It isn’t about their geography or ethnicity.  The people who built the LSM are the world’s most skilled and prolific crypto thieves.”

Investor concerns arose after the revelation, fearing that some of the developers might have come from the infamous Lazarus Group, a cybercrime group with North Korean government affiliation credited for some of the biggest crypto hacks, including the $600 million Ronin bridge exploit.

Cosmos was previously unaware of the North Korean contribution to the LSM, according to Ethan Buchman, the co-founder of Cosmos, who wrote in an Oct. 18 X post:

“Props to the teams coming together to line up these audits quickly. We’re also looking at ways to remove dependence on LSM completely. None of us were aware of the North Korean work on LSM, but working together to deal with it.”

Decentralization, North Korea, Developers, Cosmos, Staking
Cosmos co-founder response to North Korean connection. Source: Ethan Buchman

The fact that malicious North Korean actors may be involved with Cosmos LSM code could present hidden vulnerabilities, like a secret back door in the ecosystem, according to Melody Chan, research lead at Redecentralise, a nonprofit advocating the sustainable development of decentralized finance (DeFi).

The research lead told Cointelegraph:

“The big fear is that these developers might add vulnerabilities, like backdoors or ways to hack the system. With the current issues in the LSM and the FBI’s warnings, it’s clear that thorough code audits are urgently needed.”

Lazarus is among the most notorious groups of crypto hackers, first emerging in 2009 and stealing over $3 billion in crypto assets in the six years leading up to 2023.

Cosmos LSM’s fate could be decided by incoming security audits

While the possible North Korean connection is concerning, it doesn’t necessarily imply that the developers were affiliated with the Lazarus Group, according to Anndy Lian, author and intergovernmental blockchain expert.

Based on the current information, ties to the Lazarus Group are still just allegations, Lian told Cointelegraph. Still, he added:

“Should developers with connections to North Korea—especially those linked to military or state operations known for cyberattacks and cryptocurrency theft—be implicated, there is a potential risk of hidden vulnerabilities or backdoors in the code.”

Decentralization, North Korea, Developers, Cosmos, Staking
Incoming Cosmos LSM audits. Source: Informal Systems

Two parallel audits will be conducted to tackle any potential vulnerabilities. The first one by OtterSec and Binary Builders, scheduled to begin next week, and the second one by Zellic, set to start in mid-November, announced core Cosmos contributor Informal Systems

Core Cosmos contributors suggest phased removal of Cosmos LSM

Following the reports, Informal Systems suggested a “phased removal” of the Cosmos LSM, which would be replaced by a new framework.

The new framework would benefit validators, voters and overall Cosmos governance, the Cosmos contributor firm wrote in an Oct. 22 X post:

“After a community vote to remove the LSM, there would be a 1-2 month grace period for LSM shareholders to un-tokenize and convert their shares to native delegations. The Cosmos Hub will then need to upgrade to remove the LSM, invalidating remaining tokenized shares and automatically converting them back to native delegations.”

Decentralization, North Korea, Developers, Cosmos, Staking
Cosmos Hub, LSM removal plan. Source: Informal Systems 

The new framework would separate governance from block production, enabling users to delegate block production to one validator while assigning governance votes to different entities.

Cointelegraph has asked Cosmos for comment, but received no immediate reply.

 

Source: https://cointelegraph.com/news/cosmos-lsm-built-north-korean-developers-security-concerns

 

Anndy Lian is an early blockchain adopter and experienced serial entrepreneur who is known for his work in the government sector. He is a best selling book author- “NFT: From Zero to Hero” and “Blockchain Revolution 2030”.

Currently, he is appointed as the Chief Digital Advisor at Mongolia Productivity Organization, championing national digitization. Prior to his current appointments, he was the Chairman of BigONE Exchange, a global top 30 ranked crypto spot exchange and was also the Advisory Board Member for Hyundai DAC, the blockchain arm of South Korea’s largest car manufacturer Hyundai Motor Group. Lian played a pivotal role as the Blockchain Advisor for Asian Productivity Organisation (APO), an intergovernmental organization committed to improving productivity in the Asia-Pacific region.

An avid supporter of incubating start-ups, Anndy has also been a private investor for the past eight years. With a growth investment mindset, Anndy strategically demonstrates this in the companies he chooses to be involved with. He believes that what he is doing through blockchain technology currently will revolutionise and redefine traditional businesses. He also believes that the blockchain industry has to be “redecentralised”.

j j j