TLDR:
-
Kraken uncovered a job applicant suspected of being a North Korean operative.
-
The applicant used fake identities and showed signs of real-time coaching.
-
Crypto companies increasingly targeted by state-sponsored infiltration.
From Interview to Intelligence Operation
A job interview for a remote engineering role at Kraken turned into a security probe after the candidate showed signs of identity deception and coaching. Instead of cutting the process short, Kraken continued the interviews to gather intelligence.
Infiltration Tactics Uncovered
The candidate used multiple aliases, falsified documents, and a colocated remote desktop to hide their identity and location. The email address used was linked to previously flagged networks of North Korean operatives.
Final Interview Reveals the Truth
During the final interview, Kraken security chief Nick Percoco asked spontaneous verification questions. The applicant failed to respond credibly to questions about their identity and location, confirming suspicions.
Crypto Industry as a Target
North Korea has ramped up its cyber tactics to infiltrate crypto firms, using fake U.S. companies and remote hiring as entry points. The Lazarus Group and its affiliates have stolen billions via ransomware, hacks, and fraud.
Call for Vigilance
Kraken’s handling of the case underscores a growing threat to the crypto industry. Percoco reminded companies that verification is key: “Don’t trust, verify.”
