Rekt News describes the alleged exposure of the Nick Franklin persona as part of a North Korea-linked social-engineering network targeting Web3 security researchers and protocols. The article says Anton Bukev's warning about a malicious macOS app led investigators to connect Franklin to Lazarus-linked activity, including Radiant Capital's $50 million multisig compromise and a Sepolia address associated with attack testing. The source also describes a wider network of fake or connected developer personas, fake protocols such as Aqua Protocol, and malware or scam infrastructure used to build credibility before targeting crypto teams. The reporting is attribution-heavy and partly investigative, so claims should be kept to the source's stated allegations and evidence links.