Kraken Caught a North Korean Agent Trying to Infiltrate the Company Through a Job Interview

Kraken noticed something was wrong when the interviewee used a different name from the one listed on his resume.

A North Korean crypto agent was caught by crypto exchange Kraken during a job interview, according to a blog post by the exchange.

The interviewee slipped up on the first call by giving a different name than the one listed on his resume, and he displayed signs of having someone coach him during the interview.

However, the interviewer noticed something was wrong. Thanks to a partner company giving the exchange a heads-up, the exchange was aware of North Korean operatives targeting crypto exchanges. For example, other crypto companies were aware of the email being used because it was flagged as being associated with disreputable activities.

The exchange performed open intelligence analysis on the information they provided, including the email address, and discovered that it had been used multiple times by other employees hired at crypto companies. Many signs were pointing to an organized campaign.

The applicant routed his internet traffic through a stand-alone Macintosh workstation to try to disguise his location. Open-source intelligence linked the applicant’s email to a known data breach.

Even the applicant’s identity could be traced to a possible identity theft. Needless to say, the applicant was brazen in his attempts to infiltrate Kraken.

Crypto companies like Kraken often employ remote workers to maintain their exchanges. Although the process can be incredibly convenient for workers and managers, there are also a few security holes.

Kraken has learned a valuable lesson during this experience, strengthening its resolve to verify new employees rather than trust them at face value. The North Korean operatives could have easily infiltrated the company and used their position to inject malware into the company’s software or even steal valuable information.

The infiltration attempt was relatively sophisticated, so, surprisingly, the applicant made such an obvious mistake, using a different name from the one listed on his resume.

State-sponsored hackers, notably from North Korea, have surprised the world with multiple attacks. They will probably continue their attempts to breach crypto networks for some time.

North Korean hackers have tried many exploits, including malware, phishing attacks, and now a social engineering attempt. There is a new trend of North Korean hackers infiltrating systems to perform exploits from within the system.

From recent events, one such example of this trend includes the North Korean Lazarus Group creating shell companies in America to exploit job applicants. Usually, the goal is to steal cryptocurrencies because they are easy to conceal and transfer across borders, even to North Korea.

Social Engineering attacks may continue to become a mainstay with the crypto industry, compelling many crypto investors to be extra vigilant when communicating online.