WIRED reports that DTEX and allied researchers exposed a large cluster of North Korean IT worker activity, including personas tracked as Naoki Murano and Jenson Collins. The workers allegedly operated from Laos before relocation to Russia, used false developer identities, targeted crypto and blockchain jobs, and generated revenue for Pyongyang. DTEX tied Murano to earlier public DPRK IT worker reporting and the DeltaPrime heist, while Collins was described as working mainly on crypto and blockchain projects. The disclosure included more than 1,000 email addresses allegedly linked to North Korean IT worker operations, giving defenders new identity and hiring-risk indicators.