Kraken Exposes North Korean Hacker Posing as Job Candidate in Bold Infiltration Attempt

By: beincrypto|2025/05/02 12:00:04
0
Share
copy
Kraken, a prominent cryptocurrency exchange, has uncovered a sophisticated infiltration attempt by a North Korean hacker posing as a job candidate. The security and recruitment teams advanced the candidate through the hiring process. The aim was to study their strategies and gather crucial insights. How a North Korean Hacker Tried to Infiltrate KrakenKraken detailed the incident in a recent blog post on May 1. The hacker applied for an engineering role at the exchange, initially appearing as a legitimate candidate, allegedly named Steven Smith. However, several red flags emerged during the hiring process. “What started as a routine hiring process for an engineering role quickly turned into an intelligence gathering operation, as our teams carefully advanced the candidate through our hiring process to learn more about their tactics at every stage of the process,” Kraken noted.The candidate used a different name during the interview and kept switching voices, suggesting coaching. They applied using an email linked to North Korean hackers. Moreover, the Open-Source Intelligence gathering (OSINT) investigation uncovered the candidate’s involvement in a network of fake identities.“This meant that our team had uncovered a hacking operation where one individual had established multiple identities to apply for roles in the crypto space and beyond. Several of the names had previously been hired by multiple companies, as our team identified work-related email addresses linked to them. One identity in this network was also a known foreign agent on the sanctions list,” the blog read.Additionally, technical inconsistencies in their setup, like using remote, colocated Mac desktops accessed via a VPN and altered IDs, pointed to an infiltration attempt. This information confirmed that the candidate was likely a state-sponsored hacker.In a final interview with the candidate, Kraken’s Chief Security Officer, Nick Percoco, and some team members confirmed the company’s suspicions. The candidate’s failure to verify their location or answer questions about their city and citizenship revealed them as an impostor.“Their job is to start employment to steal intellectual property, steal money from those companies, take home a paycheck, and do it in a widespread way,” Percoco told CBS about the hackers.FinCEN Proposes Ban on Huione Group Over North Korean Ties Meanwhile, in another development, the US Financial Crimes Enforcement Network (FinCEN) has proposed banning Cambodia-based Huione Group from the US financial system. The department identified Huione as a key facilitator for North Korean hacker groups, including those involved in cyber heists and “pig butchering” cryptocurrency scams.“Huione Group has established itself as the marketplace of choice for malicious cyber actors like the DPRK and criminal syndicates, who have stolen billions of dollars from everyday Americans,” Secretary of the Treasury Scott Bessent said.FinCEN accused the group of laundering over $4 billion in illicit funds between August 2021 and January 2025. According to the department, Huione’s network, including Huione Pay, Huione Crypto, and Haowang Guarantee, is a preferred marketplace for cryptocurrency criminals, offering services such as payment processing and an illicit online marketplace.“Today’s proposed action will sever Huione Group’s access to correspondent banking, degrading these groups’ ability to launder their ill-gotten gains. Treasury remains committed to disrupting any attempt by malicious cyber actors to secure revenue from or for their criminal schemes,” Bessent added.These incidents highlighted a pattern of North Korean cyberattacks on the cryptocurrency sector. In 2024, hackers stole over $659 million from crypto firms. According to a joint statement from the United States, Japan, and the Republic of Korea, North Korean hackers targeted the industry using tactics like social engineering and malware (e.g., TraderTraitor, AppleJeus). Additionally, North Korean IT workers were identified as insider threats to private sector companies.Previously, BeInCrypto reports have highlighted the notorious Lazarus Group, a North Korean state-sponsored hacking collective’s involvement in Bybit and Upbit thefts. Moreover, hacker groups from the country were also behind the Radiant Capital hack and the DMM Bitcoin exploit.In fact, recently, on-chain investigator ZachXBT uncovered significant North Korean involvement in decentralized finance (DeFi) protocols, with some of them relying on nearly 100% of their monthly volume/fees from the Democratic People’s Republic of Korea (DPRK).The post Kraken Exposes North Korean Hacker Posing as Job Candidate in Bold Infiltration Attempt appeared first on BeInCrypto.

-- Price

--

You may also like

BIS Report Compliance Observation: The Real Risks of Stablecoins, Not Just "Depegging"

The issue with stablecoins is not just whether their price will decouple, but whether they can be integrated into a recognizable, monitorable, accountable, and regulated financial system.

When American giants collectively "defect" from Chinese AI models

Coinbase CEO publicly stated: the company has fully switched its AI to a Chinese model, cutting expenses in half while usage has doubled. Snowflake and Lindy are also doing the same thing—an unnoticed "AI model migration wave" is happening.

A pre-announced harvesting case: After the cryptocurrency price dropped by 99%, the public chain Saga exited to transform into AI

True failure often isn't a single price drop, but rather a pricing mechanism that repeatedly rewards those who tell stories while repeatedly punishing those who believe in the stories.

Ethereum Foundation Report: A Basic Guide to Ethereum for Governments and Financial Institutions

The Ethereum Foundation has released this non-technical introductory report aimed at government officials, central banks, regulators, and corporate decision-makers, explaining how Ethereum works, how it is governed, how it differs from other blockchains, and how institutions and governments are alre...

Portugal 2-1 Croatia: Ronaldo's 20-Year Knockout-Stage Drought Ends With a Debt Finally Collected

Portugal beat Croatia 2-1 in the 2026 global football championship's knockout rounds as Ronaldo scored his first-ever knockout-stage goal, Gonçalo Ramos struck a stoppage-time winner, and VAR ruled out a late equalizer for offside.

Bitcoin Price Prediction July 2026: Will BTC Recover to $70K or Drop Below $55K?

Bitcoin price prediction for July 2026: Can BTC recover to $70,000 or fall below $55,000? Explore ETF flows, key support levels, Fed outlook, and our Bitcoin forecast.

Popular coins

Latest Crypto News

Read more
iconiconiconiconiconiconicon
Customer Support:@weikecs
Business Cooperation:@weikecs
Quant Trading & MM:bd@weex.com
VIP Program:support@weex.com