Kraken, a prominent crypto exchange, recently revealed how it thwarted a potential North Korean threat actor who attempted to infiltrate the company by posing as a job applicant. The hacker, pretending to be an engineering candidate, raised multiple red flags during the interview process.
The exchange detected something suspicious about the candidate right from the start. It noticed that the applicant occasionally switched between voices, indicating that someone was coaching them in real time. Despite these warning signs, Kraken decided to continue with the interview process to gather more information about the hacker’s tactics.
Prior to the interview, Kraken had received warnings from industry partners about North Korean hackers targeting crypto companies. During the video call, the candidate used a different name than the one on their resume, and Kraken discovered that the candidate’s email address was associated with a known North Korean hacker group.
Further investigations revealed that the hacker was part of a network of fake identities and aliases, with one of them being a known foreign agent on the sanctions list. Despite these alarming discoveries, Kraken continued to engage with the candidate, putting them through multiple technical and infosec tests to extract more details about their identity and tactics.
In the final round of interviews, Kraken set traps for the hacker by asking them to verify their location and recommend restaurants in the city they claimed to live in. The candidate struggled to provide accurate answers, ultimately unraveling under the pressure.
Nick Percoco, Kraken’s chief security officer, emphasized the importance of verification in the face of state-sponsored attacks, highlighting that such threats are not limited to the crypto or U.S. corporate sectors but pose a global risk.
The incident serves as a reminder of the ongoing cybersecurity challenges faced by companies in the crypto industry. By remaining vigilant and implementing rigorous security measures, exchanges like Kraken can protect themselves against potential threats and safeguard their operations.

