North Korean Operative Exposed During Kraken Exchange Job Interview

By: bitcoin ethereum news|2025/05/02 14:30:02
0
Share
copy
TLDR North Korean actor attempted to infiltrate Kraken by applying for an engineering position Kraken received industry tip-off about suspicious emails linked to the hacker The applicant used fake identities, altered documents, and appeared to be coached during interviews Kraken deliberately continued the hiring process to gather intelligence on hacking tactics This incident highlights North Korea’s ongoing efforts to target crypto companies for financial gain North Korean hackers are getting creative in their attempts to infiltrate crypto companies, as demonstrated by a recent job application at Kraken exchange. The US-based crypto exchange revealed that it identified and tracked a North Korean operative who applied for an engineering role at the company. In a blog post published on May 1, Kraken detailed how what began as a standard hiring process quickly evolved into an intelligence-gathering operation. The company decided to advance the suspicious candidate through its hiring process after noticing several red flags. The first warning signs appeared early in the interview process. The applicant joined video calls using a name different from what was on their application. During the calls, they “occasionally switched between voices,” suggesting they were being coached in real-time by others. Rather than immediately rejecting the applicant, Kraken made the strategic decision to continue the process. This allowed them to collect valuable information about the tactics being used by the state-sponsored actor. Sophisticated Deception Methods The deception was uncovered thanks to a tip from industry partners who had warned that North Korean operatives were actively seeking employment at crypto companies. Kraken received a list of suspicious email addresses, and one matched the candidate’s application email. With this lead, Kraken’s security team uncovered a network of fake identities used by the hacker. These identities had been used to apply to multiple companies in the industry. Kraken CSO @c7five recently spoke to @CBSNews about how a North Korean operative unsuccessfully attempted to get a job at Kraken. Don’t trust. Verify pic.twitter.com/1vVo3perH2 — Kraken Exchange (@krakenfx) May 1, 2025 Technical inconsistencies further exposed the scheme. The applicant used remote Mac desktops accessed through VPNs to hide their true location. The identification documents they provided appeared to be altered, likely using details stolen in a previous identity theft case. The GitHub profile linked to the applicant’s resume contained an email address that had been exposed in a previous data breach. This created another connection to the suspicious activity. During final interviews, Kraken Chief Security Officer Nick Percoco conducted impromptu identity verification tests. These included asking the candidate to show government ID, verify their city of residence, and name local restaurants from their supposed location. “At this point, the candidate unraveled,” Kraken stated in their blog post. “Flustered and caught off guard, they struggled with the basic verification tests and couldn’t convincingly answer real-time questions.” Broader Threat Landscape The infiltration attempt comes amid heightened cyber activity from North Korea. International sanctions have effectively cut the country off from the global financial system, pushing the regime to target crypto as an alternative source of funds. North Korean hackers have stolen billions worth of cryptocurrency this year alone. The Lazarus Group, a hacking collective affiliated with North Korea, was responsible for February’s $1.4 billion Bybit exchange hack, which stands as the largest crypto theft in industry history. In April, a subgroup of Lazarus was found to have established three shell companies, including two in the US. These entities were created to deliver malware to unsuspecting users and scam crypto developers. According to a January statement released by the US, Japan, and South Korea, North Korean-linked hackers stole more than $650 million through multiple crypto heists during 2024. They’ve also deployed IT workers to infiltrate blockchain and crypto companies as insider threats. The remote work trend has made it easier for such operatives to conceal their identities and locations. By embedding agents inside firms, the regime gains access to sensitive data and can deploy ransomware or malicious code. “Don’t trust, verify. This core crypto principle is more relevant than ever in the digital age,” said Percoco. “State-sponsored attacks aren’t just a crypto or US corporate issue — they’re a global threat.” Kraken’s investigation underscores the need for companies to maintain vigilant hiring practices, particularly as state-sponsored actors become increasingly sophisticated in their infiltration attempts. Source: https://blockonomi.com/north-korean-operative-exposed-during-kraken-exchange-job-interview/

-- Price

--

You may also like

Circle CEO responds to OUSD's challenge: Stablecoins are a winner-takes-all business, and we will not slow down

OUSD was jointly launched by more than 140 giants, causing Circle's stock price to plummet in a single day. Circle's CEO personally wrote a response, clarifying USDC's moat from three aspects: network effects, liquidity, and regulation, and dismantling OUSD's three selling points of "free redemption...

Argentina vs Cape Verde: When a Record-Breaking Legend Meets an Unbreakable Underdog

WEEX exclusive pre-match analysis of Argentina vs Cape Verde, exploring Messi-led Argentina’s dominance and Cape Verde’s historic defensive breakout, with a breakdown of volatility, structure, and match dynamics.

How does Gate redo "buying and selling stocks" from the cryptocurrency world to the stock market?

The competition logic of exchanges has changed.

Former ByteDance employee's account: How I started with two Pinduoduo hard drives and made six times the profit with Seagate to achieve financial freedom?

A programmer from a big tech company bought hard drives on Pinduoduo and, following clues, managed to accurately capture the sixfold rising stock Seagate using the "finding daily anomalies + 13F institutional verification" framework, making a wild profit of $400,000 and achieving financial freedom.

Visa and Mastercard join 140 giants to launch a new stablecoin, but the impact on the market landscape may still be limited

As an important milestone event in the stablecoin landscape, OUSD is likely to change the existing stablecoin landscape and significantly increase the adoption rate of stablecoins in the global financial system.

WEEX Launches Depth Chart for Spot Trading

WEEX Spot now supports Depth Chart, helping users visualize buy and sell orders, spot liquidity walls, and understand market depth more clearly before placing trades.

Contents

Popular coins

Latest Crypto News

Read more
iconiconiconiconiconiconicon
Customer Support:@weikecs
Business Cooperation:@weikecs
Quant Trading & MM:bd@weex.com
VIP Program:support@weex.com