Kraken Outsmarts North Korean Hacker in Job Interview Trap

Kraken explained in a May 1 blog post that the applicant showed up for an interview using a different name than the one listed on their application. They also sometimes changed their voice during the call, which suggested that someone else might help behind the scenes.

Instead of rejecting the candidate immediately, Kraken decided to move them forward in the process to learn more about how the attack was being carried out.

Did you know?

Want to get smarter & wealthier with crypto?

Subscribe - We publish new crypto explainer videos every week!

What is an NFT? (Explained with Animations)

SUBSCRIBE

ON YOUTUBE

Kraken had already been alerted by others in the industry that hackers tied to North Korea were trying to get jobs at crypto companies. A list of suspicious email addresses had been shared with Kraken, and one matched the email the applicant used to apply.

Kraken’s security team found a network of fake identities linked to the candidate. They also spotted technical red flags, such as the use of remote Mac desktops through VPNs and identification documents that seemed edited.

When the hiring process reached its final stage, Kraken’s chief security officer, Nick Percoco, ran some identity verification tests designed to catch fake applicants. The candidate failed these tests, which confirmed that the person was not who they claimed to be.

Percoco stated that threats backed by states are not only a problem for the crypto industry and US businesses, but also pose risks worldwide.

A white hat hacker, c0ffeebabe.eth, recently intercepted a security breach at Morpho Labs, a decentralized lending platform. How did the company respond? Read the full story.