I mapped a cell of 14+ accounts that infiltrated Tokamak Network

2026-04-17 meowmfer

https://archive.md/2rul3


An investigation maps a cluster of 14 or more DPRK-linked IT worker accounts that allegedly infiltrated Tokamak Network and contributed heavily to bridge, NFT marketplace, subgraph, and landing-page repositories. The excerpt identifies primary actor "jusdy" with 508 commits and a second operator, "black02430horse," who worked on bridge components and maintained a pending-transaction fetcher for Titan chain activity. The reported TTPs include identity rotation, deleted and renamed GitHub accounts, reused commit emails, fake collaborations across multiple personas, and batch-created social proof networks. The activity matters because the same cell is described as having access to crypto bridge code and broader DeFi, AI, Bitcoin, Bittensor, and NFT projects, creating supply-chain and insider-risk exposure across high-value ecosystems.

Indicators of Compromise

