Buy Crypto- Markets
Futures- Spot
- Copy Trade
- Earn
- More
Kraken Outsmarts North Korean Hacker Posing as Job Candidate
By: bitcoin ethereum news|2025/05/03 00:15:01
0
Share
Kraken stops hacker posing as engineer in job application. Final interview traps hacker with location, ID questions. Kraken, a well-known cryptocurrency exchange, recently revealed a serious security threat. The North Korean hacker attempted a breach of the organization by using fraudulent employment paperwork to apply as an engineering candidate. Kraken detected the suspicious activity through the teamwork of their trained security personnel and IT experts. Kraken Uses OSINT to Expose State-Backed Hacker At first, the recruitment procedure started out as conventional for standard hiring practices. The indications started to appear unusually. An applicant joined their opening interview under a different name than their résumé. The initial warning signal became visible to the company during this event. When the applicants’ voice showed unexpected minute variations in pitch, the interviewers became suspicious. The candidate seemed to get continuous guidance from another person during the interview, which produced further suspicions. Interestingly, it proved noteworthy that Kraken received an early warning about the development. Industry partners notified the company that North Korean hackers were engaging in cryptocurrency job applications at private companies. The company was given a complete list containing problematic email addresses. One of the email addresses listed by the applicant turned out to belong to this candidate. Kraken responded to the suspicious job candidate with a strategic decision instead of immediate refusal. The security staff chose to maintain pretensions. The interview evaluation process allowed personnel to collect successive information from the job candidate. By doing this, they proved the applicant was indeed a fraudulent person. The Red Team at Kraken initiated an Open-Source Intelligence (OSINT) effort. The researchers traced the candidate’s email through multiple fake identity registrations that appeared in different data breaches. Previous identities owned by this applicant had been employed to seek work at various technology companies. Some employees out of the potential candidates had already accepted positions at the same companies. North Korean Spy Unmasked in Final Interview at Kraken Additional evidence consistently suggested the applications were illegitimate. The candidate utilized remote Mac desktops connected through a VPN as a way to conceal their actual physical location. A GitHub account belonging to the candidate had been flagged by a past data leak through its email address. The presented identification document displayed signs of falseness since it was connected to a known incident of identity theft. To confirm their suspicions, Kraken’s team set up a final “chemistry” interview. Company chief security officer Nick Percoco linked up with others during the conference call. The interview turned out to be a deliberate extraction process rather than a typical candidacy assessment. The candidate needed to prove their location by showing valid government identification while under examination. In addition to this, the interviewers posed basic questions to obtain recommendations regarding dining options in the geographic area in where the candidate claimed to reside. The hacker was unable to respond to basic questions asked during the interview. The interviewer quickly noticed the candidate’s nervous behavior because he did not succeed during verification procedures. In the end, Kraken declared the attack stemmed from state sponsorship. No actual job candidate was participating in the process because it turned out to be a North Korean hacker who attempted to break into the company. Nick Percoco from the CSO Department advised followers to confirm through verification rather than trust blindly. That principle is vital today. Hacker assaults affect businesses and nations throughout the world. The incident functions as an urgent warning for every enterprise worldwide. Future attacks can occur through methods different than malware. The attackers take advantage of job application systems to implement their malicious strategies. Therefore, the defensive framework of companies requires HR departments to participate in maintaining security. Source: https://www.livebitcoinnews.com/kraken-outsmarts-north-korean-hacker-posing-as-job-candidate/
You may also like
DeFi is trapped in the most dangerous prisoner's dilemma in history
This incident has returned to the classic dilemma of cryptography: pragmatic security vs completely decentralized security.
Exclusive Interview with Jeff Hoffman: How Web3 and AI are Reshaping the Trillion-Dollar Social Travel Market
The most valuable platforms will not only be aggregators of suppliers, but they will also have relational networks around payments, loyalty, and communities.
After the KelpDAO hack, AAVE's situation is worse than you think
October 10 is the CEX-driven collapse, an epic failure in DeFi risk mitigation.
Atkins Marks One-Year Anniversary at SEC: Crypto Regulation Shifts from ‘Enforcement Heavy’ to ‘Rulemaking Mode’
Before the bill is passed, the SEC's cryptocurrency regulatory framework remains in a transition state of "administrative guidance + enforcement actions."
Under Political Pressure, Is the Federal Reserve Still Independent?
Powell believes that political pressure is not a threat, and what truly determines the Fed's independence is the Fed itself.
Yellen's Past Remarks: How Will This Incoming "Fed Chair" Disrupt the Federal Reserve? Janet Yellen, who is expected to become the next Chair of the Federal Reserve, has made several significant statements in the past regarding monetary policy, financ...
Powell's reform blueprint not only looks bold and ambitious, but also directly targets many vulnerabilities of the Federal Reserve. Facing the upcoming Senate confirmation hearing, how will this Fed's presumptive new "helmsman" reshape the future of the world's largest central bank?
ZachXBT vs. RAVE: Is a “Clean” Market Really What Speculators Want?
While cleaning up manipulation, it may also involve cleaning up liquidity
Arbitrum Poses as Hacker, 'Steals' Back Money Lost by KelpDAO
Even though Arbitrum wielded the admin key, the battle is far from over.
Without Cook's Apple, Can it Still Grow in the AI Era?
The iPhone Remains at its Peak, But Apple is at a Turning Point
Saylor's Bitcoin Holdings Surpass BlackRock, How Does This "Bitcoin Financing Machine" STRC Work?
Funding Cap is not equal to Execution Path; whether Bitcoin can cooperate is the true variable.
What Is RWA? What Is RWA in Crypto (Complete 2026 Guide)
Wondering what is RWA in crypto? We explain what RWA is, break down RWA tokenization in simple no-jargon terms, and cover why it's 2026's hottest crypto narrative.
What Is the KelpDAO Attack? What It Means for Aave Users in 2026
KelpDAO suffered a $292M rsETH exploit on April 18, 2026, triggering Aave market freezes and $13B DeFi outflows. Here’s what happened, whether Aave is safe now, and what users should do next.
Is your gold really "within reach"? The geographical blind spots of custodial services behind tokenized gold
When "complete physical support" does not equal "truly desirable," the risks are just beginning to emerge.
Cook Passes the Baton, Anthropic Gears Up | Rewire News Morning Brief
In the window of AI reshaping the hardware landscape, Apple has chosen a Maker
Will the Fed Cut Interest Rates Again? Tonight's Data Is Key
Citi believes geopolitical turbulence is temporary and the rate cut trajectory remains unchanged. Meanwhile, Deutsche Bank warns that the policy has reached a neutral stance, with no interest rate cuts in the foreseeable future.
The person taking over Apple has to do something he has never done before
Software, AI, services—areas he never directly controlled in his 25-year Apple career
Why Are You Always Losing Money on Polymarket? Because You're Betting on News, While The Rulebook Favors Insiders
At Polymarket, most people who bet incorrectly are not wrong in their prediction but rather in not having read the rules carefully.
Not a Price Hike, but a Supply Shortage? Oil Price Has Crossed the Threshold
A $95 Per Barrel Price Is Far From Enough to Rebalance the Oil Market
DeFi is trapped in the most dangerous prisoner's dilemma in history
This incident has returned to the classic dilemma of cryptography: pragmatic security vs completely decentralized security.
Exclusive Interview with Jeff Hoffman: How Web3 and AI are Reshaping the Trillion-Dollar Social Travel Market
The most valuable platforms will not only be aggregators of suppliers, but they will also have relational networks around payments, loyalty, and communities.
After the KelpDAO hack, AAVE's situation is worse than you think
October 10 is the CEX-driven collapse, an epic failure in DeFi risk mitigation.
Atkins Marks One-Year Anniversary at SEC: Crypto Regulation Shifts from ‘Enforcement Heavy’ to ‘Rulemaking Mode’
Before the bill is passed, the SEC's cryptocurrency regulatory framework remains in a transition state of "administrative guidance + enforcement actions."
Under Political Pressure, Is the Federal Reserve Still Independent?
Powell believes that political pressure is not a threat, and what truly determines the Fed's independence is the Fed itself.
Yellen's Past Remarks: How Will This Incoming "Fed Chair" Disrupt the Federal Reserve? Janet Yellen, who is expected to become the next Chair of the Federal Reserve, has made several significant statements in the past regarding monetary policy, financ...
Powell's reform blueprint not only looks bold and ambitious, but also directly targets many vulnerabilities of the Federal Reserve. Facing the upcoming Senate confirmation hearing, how will this Fed's presumptive new "helmsman" reshape the future of the world's largest central bank?
App