Kraken Foils North Korean Cyberattack Hidden as Job Application

• A North Korean hacker tried to enter Kraken through a job application.
• Kraken used the interview process to confirm and track the threat.
• The event highlights how hiring processes can be new cyberattack paths.

A recent hiring attempt at Kraken turned into a security operation. It began with an application for an engineering role. But small inconsistencies set off internal alerts. The applicant joined the first interview under a different name.

They soon changed names after realizing their error. They also changed tones throughout the call, implying a live coach. The security team of Kraken received tips. The tips were email addresses connected to a notorious North Korean hacking group.

One of them was identical to the email profile used by the suspicious candidate. This revelation turned the tide of the interview. The hiring process became a deliberate intelligence gathering. Kraken’s Red Team opened a full investigation through open-source means. They discovered a larger network of impostor profiles associated with the same perpetrator.

Kraken Confronts State-Backed Deception

The online activity of the candidate showed some more concerning facts. Their GitHub account used an email found in a past data breach. Their entry to a machine was through remote Mac desktops combined with VPNs. This setup masked their location and network origin.

These strategies were similar to those employed by state-funded attackers. Kraken also discovered the candidate’s identity was falsified. It was probably constructed from stolen information in a previous identity fraud case. More investigation revealed the same individual operated under several different names in various companies. A pseudonym was associated with a foreign agent already on a worldwide list of sanctioned individuals.

In spite of the warning signs, Kraken never stopped the interview process. Instead, it utilized it to extract more information. With each successive set of questions, they tried different possibilities. They tested for inconsistency, odd use of technology, and behavioral responses.

A Job Interview with Hidden Stakes

The final task was a relaxed interview with Kraken’s senior security officials. The format looked routine to the applicant. But concealed inside were critical confirmation checks. Inquired about local eateries. They asked for a real-time identification show.

They asked for the city information of the applicant. Every question was designed to check physical location and authenticity. The hacker was struggling to keep up. Answers disintegrated. Verifications were unsuccessful. The team had sufficient evidence. This was more than a scam; it was a state-driven move to penetrate Kraken’s systems.

The company released it to serve as a warning. Brute force is not necessary to have an attack. Some come in with a suit of clothes and a résumé. For crypto and beyond, this is a necessary reminder: hiring requires layers of security.

Related Reading: Bitcoin Consolidation Deepens Near $95K as $3 Trillion Mark Looms