Kraken details how it spotted North Korean hacker in job interview
US crypto exchange Kraken has detailed a North Korean hacker’s attempt to infiltrate the organization by applying for a job interview.“What started as a routine hiring process for an engineering role quickly turned into an intelligence-gathering operation,” the company wrote in a May 1 blog post.Kraken said the applicant’s red flags appeared early on in the process when they joined an interview under a name different from what they applied with and “occasionally switched between voices,” apparently being guided through the interview.Rather than immediately rejecting the applicant, Kraken decided to advance them through its hiring process to gather information about the tactics used.International sanctions have effectively cut North Korea off from the rest of the world, and the country’s ruling Kim family dictatorship has long targeted crypto companies and users to top up the country’s coffers. It’s stolen billions worth of crypto so far this year.Kraken reported that industry partners had tipped them off that North Korean actors were actively applying for jobs at crypto companies. “We received a list of email addresses linked to the hacker group, and one of them matched the email the candidate used to apply to Kraken,” it said. With this information, the firm’s security team uncovered a network of fake identities used by the hacker to apply to multiple companies. Kraken also noted technical inconsistencies, which included the use of remote Mac desktops through VPNs and altered identification documents.Kraken CSO @c7five recently spoke to @CBSNews about how a North Korean operative unsuccessfully attempted to get a job at Kraken. Don’t trust. Verify
US crypto exchange Kraken has detailed a North Korean hacker’s attempt to infiltrate the organization by applying for a job interview.
“What started as a routine hiring process for an engineering role quickly turned into an intelligence-gathering operation,” the company wrote in a May 1 blog post.
Kraken said the applicant’s red flags appeared early on in the process when they joined an interview under a name different from what they applied with and “occasionally switched between voices,” apparently being guided through the interview.
Rather than immediately rejecting the applicant, Kraken decided to advance them through its hiring process to gather information about the tactics used.
International sanctions have effectively cut North Korea off from the rest of the world, and the country’s ruling Kim family dictatorship has long targeted crypto companies and users to top up the country’s coffers. It’s stolen billions worth of crypto so far this year.
Kraken reported that industry partners had tipped them off that North Korean actors were actively applying for jobs at crypto companies.
“We received a list of email addresses linked to the hacker group, and one of them matched the email the candidate used to apply to Kraken,” it said.
With this information, the firm’s security team uncovered a network of fake identities used by the hacker to apply to multiple companies.
Kraken also noted technical inconsistencies, which included the use of remote Mac desktops through VPNs and altered identification documents.
Kraken CSO @c7five recently spoke to @CBSNews about how a North Korean operative unsuccessfully attempted to get a job at Kraken.
Don’t trust. Verify
What's Your Reaction?
