What began as a seemingly routine recruitment drive at U.S.-based crypto exchange Kraken took a dramatic turn when the company realized it was dealing with a North Korean hacker posing as a job applicant. The candidate, who had applied for an engineering position, raised suspicions early on by using a different name during the interview and inconsistently switching between voices—suggesting real-time coaching. Instead of cutting the interview short, Kraken chose a more strategic route. The team allowed the applicant to proceed through several stages of the hiring pipeline, turning the process into an opportunity to uncover deeper intelligence on the methods and networks used by the infiltrator. Hiring Process Unmasks an International Threat According to a blog post published by Kraken on May 1, the incident aligns with warnings from industry partners who had already flagged suspicious hiring attempts tied to North Korea . A key breakthrough came when Kraken matched the applicant’s email with a list previously identified as being associated with North Korean hacking collectives. The investigation revealed a complex network of fake identities being used to target multiple crypto firms, not just Kraken. Technical inconsistencies piled up—VPN-masked remote Mac desktops, suspicious ID documents, and a resume linked to a GitHub profile using an email compromised in an old data breach. It became increasingly evident that the applicant’s primary identification had been doctored, likely built on details from a two-year-old identity theft case. Final interviews were conducted by Kraken’s chief security officer, Nick Percoco, who used trap verification protocols. The candidate failed, confirming the worst: a state-backed attempt at infiltration. “This isn’t just a crypto security concern — it’s a global one,” said Percoco. “The old adage in crypto, ‘Don’t trust, verify,’ has never rung truer.” North Korean Lazarus Group North Korea has ramped up its focus on the crypto industry, often as a means of circumventing international sanctions. The Lazarus Group, a state-sponsored hacking syndicate, has been tied to numerous heists—including the record-breaking $1.4 billion hack of Bybit in February . According to joint statements by the U.S., South Korea, and Japan, North Korean hackers stole over $650 million in 2024 alone. Some even established U.S.-based shell companies to push malware and infiltrate developer networks. Kraken’s exposé serves as a stark reminder: In crypto, threats aren’t always external — sometimes, they come through your front door disguised as opportunity. The post Kraken Outs North Korean Hacker Masquerading as Job Applicant: Details appeared first on TheCoinrise.com .
