Kraken tells how it spotted North Korean hacker in job interview
By: bitcoin ethereum news|2025/05/02 20:15:02
0
Share
US crypto exchange Kraken has detailed a North Korean hacker’s attempt to infiltrate the organization by applying for a job interview. “What started as a routine hiring process for an engineering role quickly turned into an intelligence-gathering operation,” the company wrote in a May 1 blog post. Kraken said the applicant’s red flags appeared early on in the process when they joined an interview under a name different from what they applied with and “occasionally switched between voices,” apparently being guided through the interview. Rather than immediately rejecting the applicant, Kraken decided to advance them through its hiring process to gather information about the tactics used. International sanctions have effectively cut North Korea off from the rest of the world, and the country’s ruling Kim family dictatorship has long targeted crypto companies and users to top up the country’s coffers. It’s stolen billions worth of crypto so far this year. Kraken reported that industry partners had tipped them off that North Korean actors were actively applying for jobs at crypto companies. “We received a list of email addresses linked to the hacker group, and one of them matched the email the candidate used to apply to Kraken,” it said. With this information, the firm’s security team uncovered a network of fake identities used by the hacker to apply to multiple companies. Kraken also noted technical inconsistencies, which included the use of remote Mac desktops through VPNs and altered identification documents. Kraken CSO @c7five recently spoke to @CBSNews about how a North Korean operative unsuccessfully attempted to get a job at Kraken. Don’t trust. Verify pic.twitter.com/1vVo3perH2 — Kraken Exchange (@krakenfx) May 1, 2025 The applicant’s resume was linked to a GitHub profile containing an email address exposed in a past data breach, and the exchange said the candidate’s primary form of ID “appeared to be altered, likely using details stolen in an identity theft case two years prior.” During final interviews, Kraken chief security officer Nick Percoco conducted trap identity verification tests that the candidate failed, confirming the deception. Related: Lazarus Group’s 2024 pause was repositioning for $1.4B Bybit hack “Don’t trust, verify. This core crypto principle is more relevant than ever in the digital age,” Peroco said. “State-sponsored attacks aren’t just a crypto or US corporate issue — they’re a global threat.” North Korea pulls off biggest-ever crypto hack North Korea-affiliated hacking collective Lazarus Group was responsible for February’s $1.4 billion Bybit exchange hack, the largest ever for the crypto industry. North Korean-linked hackers also stole more than $650 million through multiple crypto heists during 2024, while deploying IT workers to infiltrate blockchain and crypto companies as insider threats, according to a statement released by the US, Japan and South Korea in January. In April, a subgroup of Lazarus was found to have set up three shell companies, with two in the US, to deliver malware to unsuspecting users and scam crypto developers. Magazine: Japanese porn star’s coin red flags, Alibaba-linked L2 runs at 100K TPS: Asia Express Source: https://cointelegraph.com/news/kraken-details-how-it-spotted-north-korean-hacker-in-job-interview?utm_source=rss_feed&utm_medium=feed&utm_campaign=rss_partner_inbound
You may also like
The crypto IPO class of 2025-26 is down as much as 89%. Autopsy of a listing boom
Robinhood Chain Mining Guide: A Comprehensive Tutorial from Cross-Chain to Memecoin
BitGo CEO says single-digit percentages of bitcoin's supply are 'probably right' for large holders amid Strategy's sale
Beyond Private Keys: How to Safeguard the Security Boundaries of Web3 from Wallets, L2 to Supply Chains?
Vanguard Enters the Market, Opening a New Crypto Gateway for 50 Million Traditional Investors
Why the OUSD Alliance of 150 Companies Still Cannot Shake USDT and USDC?
Citigroup Analysis: Is There Still 47% Upside for Nvidia? Can Rubin and CPO Deliver?
WEEX API Fast Connect: Turn Every Sign-In Into a Live Trader in Under 10 Seconds
WEEX API Fast Connect is a one-click OAuth authorization system that lets your users link their WEEX account without ever touching an API key. Frictionless onboarding, faster conversions, higher retention — built for WEEX Broker partners.
Bitcoin's dwindling exchange reserves don't pack the same bullish punch anymore
From Le Mans to the Rollercoaster: Carl Moon Takes On Portimão
Crypto world renowned KOL and racing driver Carl Moon, backed by WEEX, heads to the Ferrari Challenge Portugal round at the Algarve International Circuit, July 16–19, fresh off a podium finish at Le Mans. Here's why this race is one to watch.
Fast execution. Split-second accuracy. Security that never blinks. That's WEEX — and that's exactly how Carl races.
The Downfall of a Public Company: A $1.46 Billion Bet on WLFI, $540 Million Went to the Trump Family
Dragonfly Partner: BTC is Intergenerational Wealth, Optimistic About ETH and SOL
Goldman Sachs Calls to Go Long on Chinese AI: $4 Trillion Market Value Behind, Global Funds Only Allocated 1.2%
The New Landscape of Cryptocurrency in Europe: Why Germany Takes Center Stage?
Robinhood vs xStocks: Stock Tokenization Shouldn't Just Focus on Ticker On-Chain
Nexo launches crypto card in Argentina as Latin America push grows
Bank of America: Nvidia's Forward P/E Falls to 7-Year Low, Market Paying for a Non-Existent Risk
Q2 2026 CEX Trading Data Review: Who's Slacking Off? Who's Inflating Their OI?
The crypto IPO class of 2025-26 is down as much as 89%. Autopsy of a listing boom
Robinhood Chain Mining Guide: A Comprehensive Tutorial from Cross-Chain to Memecoin
BitGo CEO says single-digit percentages of bitcoin's supply are 'probably right' for large holders amid Strategy's sale
Beyond Private Keys: How to Safeguard the Security Boundaries of Web3 from Wallets, L2 to Supply Chains?
Vanguard Enters the Market, Opening a New Crypto Gateway for 50 Million Traditional Investors
Why the OUSD Alliance of 150 Companies Still Cannot Shake USDT and USDC?
Customer Support:@weikecs
Business Cooperation:@weikecs
Quant Trading & MM:bd@weex.com
VIP Program:support@weex.com
