The archived investigation examines the Nick L. Franklin persona, alleging that a blockchain security identity may have been used for DPRK-linked social engineering against cryptocurrency researchers and projects. The source cites a suspicious file sent to Anton Bukov, Telegram account history, a Sepolia faucet address, and a Safe connected to testing around the Radiant Capital hack as pivots for attribution research. The report is most useful as CTI on persona-based targeting in the crypto ecosystem: a developed identity interacted with major researchers and services, potentially lowering trust barriers before compromise attempts. Responders should validate any direct interactions with the persona, preserve messages and files, and correlate wallet, Telegram, and incident-response evidence before drawing conclusions.