Kraken Thwarts North Korean Hacker Posing as Job Applicant
By: financefeeds|2025/05/02 16:30:02
0
Share
U.S.-based crypto exchange Kraken revealed that it uncovered and blocked a North Korean hacking attempt disguised as a job application for an engineering role. The scheme was detailed in a blog post on Wednesday and shows the increasing use of social engineering and insider threats by state-backed cybercriminals targeting the crypto industry. According to Kraken, the red flags emerged early in the interview process when the candidate used a different name than the one on their application and intermittently switched voices during the call—suggesting someone was coaching them live. Rather than cutting the process short, Kraken advanced the applicant through additional stages to collect intelligence on the hacker’s methods. The exchange later confirmed the applicant’s email matched a known address linked to North Korea’s cyber units , which had been flagged by industry partners sharing intelligence on ongoing threats. The investigation revealed a broader network of fake identities used by the hacker to apply to several firms, including signs of manipulated ID documents, a resume tied to a GitHub profile linked to an exposed email, and suspicious login behavior involving VPNs and remote Mac desktops. In the final round of interviews, Kraken’s chief security officer, Nick Percoco, ran a series of identity verification traps that the applicant failed, confirming the person behind the screen was not who they claimed to be. The individual’s ID appeared to contain details lifted from a previous identity theft case. “This wasn’t just a fake candidate—it was a coordinated attempt to get inside a crypto company,” said Percoco. “In today’s environment, the old rules don’t apply. Trust has to be earned—and verified.” The attempted breach follows warnings from U.S., Japanese, and South Korean authorities that North Korea has been actively embedding IT workers in blockchain and crypto firms to exfiltrate funds or intelligence. Lazarus Group , a notorious North Korean hacking collective, was blamed for February’s record-breaking $1.4 billion Bybit hack and several others totaling over $650 million in 2024 alone.
You may also like
Bank of Korea defends bank-first stablecoin plan amid bill deadlock
JPMorgan says bitcoin's main risk isn't Strategy, but blockchain adoption that doesn't benefit public chains and tokens
Fear & Greed Index Today: What Extreme Fear Means for Crypto, Stocks and Gold
The Crypto Fear & Greed Index has fallen to Extreme Fear as Tesla, Intel and the Nasdaq declined. See what it means for traders and explore stocks, crude oil and gold in the WEEX TradFi Trading Challenge.
Labour MPs Push to Make UK Crypto Donation Ban Permanent
Supreme Court ruling expanding Trump's authority over federal agencies raises questions for SEC, CFTC as crypto rulemaking advances
'Bottom building in progress': Analysts say bitcoin holder capitulation signals late-stage bear market
A Comprehensive Analysis: Starting from 1996, Who is Laying the Foundation for the Next Generation of Capital Markets
Luke Dashjr, the Biggest Anti-Spammer of Bitcoin, Inscribed Phrases on the Network in 2011
Whales bought 270,000 BTC while ETFs bled $7 billion. One side is wrong
The crypto IPO class of 2025-26 is down as much as 89%. Autopsy of a listing boom
Robinhood Chain Mining Guide: A Comprehensive Tutorial from Cross-Chain to Memecoin
BitGo CEO says single-digit percentages of bitcoin's supply are 'probably right' for large holders amid Strategy's sale
Beyond Private Keys: How to Safeguard the Security Boundaries of Web3 from Wallets, L2 to Supply Chains?
Vanguard Enters the Market, Opening a New Crypto Gateway for 50 Million Traditional Investors
Why the OUSD Alliance of 150 Companies Still Cannot Shake USDT and USDC?
Citigroup Analysis: Is There Still 47% Upside for Nvidia? Can Rubin and CPO Deliver?
WEEX API Fast Connect: Turn Every Sign-In Into a Live Trader in Under 10 Seconds
WEEX API Fast Connect is a one-click OAuth authorization system that lets your users link their WEEX account without ever touching an API key. Frictionless onboarding, faster conversions, higher retention — built for WEEX Broker partners.
Bitcoin's dwindling exchange reserves don't pack the same bullish punch anymore
Bank of Korea defends bank-first stablecoin plan amid bill deadlock
JPMorgan says bitcoin's main risk isn't Strategy, but blockchain adoption that doesn't benefit public chains and tokens
Fear & Greed Index Today: What Extreme Fear Means for Crypto, Stocks and Gold
The Crypto Fear & Greed Index has fallen to Extreme Fear as Tesla, Intel and the Nasdaq declined. See what it means for traders and explore stocks, crude oil and gold in the WEEX TradFi Trading Challenge.
Labour MPs Push to Make UK Crypto Donation Ban Permanent
Supreme Court ruling expanding Trump's authority over federal agencies raises questions for SEC, CFTC as crypto rulemaking advances
'Bottom building in progress': Analysts say bitcoin holder capitulation signals late-stage bear market
Customer Support:@weikecs
Business Cooperation:@weikecs
Quant Trading & MM:bd@weex.com
VIP Program:support@weex.com
