The latest safety disclosure of Crypto Exchange Kraken can be read less as a corporate blog article than a field line report on the modern cyber-warfare. Published on May 1, 2025 under the blunt title “how we identified a North Korean pirate who attempted to obtain a job at Kraken”, the account described in the granular details how a apparently routine hiring process has transformed into what the exchange openly calls “an information collection operation”.
From the first contact, something did not feel. The recruiters noticed that the applicant “joined under a different name from that on their CV, and quickly changed it”, a detail that the security team later described as the opening note in a symphony of red flags. A few moments later, the interview took a strange stamp: “The candidate sometimes changed his votes, indicating that they were trained through the interview in real time.”
Kraken Tricks North Korea Crypto Hacker
Kraken staff did not only count on intuition. The message explains that the industry partners had already distributed “a list of email addresses linked to the pirate group”, and one of these addresses corresponded to the curriculum vitae in question. Armed with this match, the Kraken Red team launched a Osint dive that has exposed what it calls “a larger network of false identities and alias” spreading on the job market for cryptography. According to the blog, several companies had involuntarily hired characters in the same network of curriculum vitae manufactured, and “an identity in this network was also a foreign agent known on the list of sanctions”.
Technical inconsistencies have started to accumulate. The exchange tells how the applicant relied on “Mac desktops behind remotely but interacted with other components via a VPN”, a configuration privileged by operators who need to whiten location data. Investigators linked the curriculum vitae to a GitHub profile containing an e-mail address that had been exposed in a violation of previous data “and finally concluded that the ID of the main government” seemed to be modified, probably using stolen details in an identity flight case two years before. “”
With the assembly of evidence, Kraken opted for poor orientation rather than immediate rejection. The company has advanced the applicant through successive stages – indeed, bait the hook. “Instead of overthrowing the applicant, our security and recruitment teams strategically put them forward thanks to our rigorous recruitment process – not to hire, but to study their approach,” says the blog.
The outcome came in what should have been an informal “chemistry interview” with security director Nick Percoco. The applicant did not realize that each joke was prevented from a test. Percoco and his colleagues asked for live confirmations with two factors: show your government identifier on the camera, report your physical location, appoint some local restaurants. “At this point,” says the position, “the candidate took place. Shaped and caught off guard, they fought with basic verification tests, and could not respond convincingly on real -time questions about their city of residence or the country of citizenship. ”
Percoco later distilled the lesson in disclosure: “Do not trust, check. This basic crypto principle is more relevant than ever in the digital age. The attacks sponsored by the state are not only a target, and American resilience, they are a global threat. Any type of individual treatment.
The blog underlines that the attack surface of the crypto sector is no longer limited to code standards or the hot portfolio infrastructure; It extends to the HR reception box. “All the attackers do not introduce themselves, some try to cross the front door,” writes Kraken, adding that “generating AI facilitates deception, but is not infallible … Authentic candidates will generally pass from verification tests in real time and not formulated.” In a final reflection on organizational culture, the post maintains that “a culture of productive paranoia is the key. Security is not only IT responsibility. In the modern era, it is an organizational state of mind. ”
Kraken closes his story with a reminder that the candidate was part of the North Korean campaign which, by third-party estimates cited in the post, siphoneed more than $ 650 million to cryptographic companies in 2024. The message is sober and non-sentimental: “Sometimes the greatest threats are disguised in the form of possibilities.”
At the time of the press, the BTC was negotiated at $ 96,825.
Star image created with dall.e, tradingView.com graphic
Editorial process Because the bitcoinist is centered on the supply of in -depth, precise and impartial content. We confirm strict supply standards, and each page undergoes a diligent review by our team of high -level technology experts and experienced editors. This process guarantees the integrity, relevance and value of our content for our readers.
