Skip to content
Crime-and-justiceCybersecurityTradingIcoInconsistenciesProtocolBitcoinHackerTechnologyEthereumDefiInterviewSanctionsGeneral-newsFinanceHighlightedCryptoHodlDecentralized

North Korean Hacker Impersonates Job Seeker in Daring Infiltration Attempt, Revealed by Kraken

North Korean hacker's infiltration attempt exposed by Kraken, as they disguised themselves as a job applicant, revealing their techniques and strategies.

 and  Administrator
3 min read

The Sly North Korean Hacker Fighting His Way into Kraken's Operations

North Korean Hacker Impersonates Job Seeker in Daring Infiltration Attempt, Revealed by Kraken

Cryptocurrency platform Kraken has unveiled a cunning attempts by a North Korean hacker masquerading as a job seeker in a bid to gain access to the exchange's secrets.

The Chameleon Hacker's Strategy

Kraken's recruitment and security teams played along with the candidate, thinking him to be just another applicant for an engineering position. Little did they know, the candidate was slyly gathering information on their strategies.

  1. Camouflage Identity: The candidate went as far as changing names and voices during the interview. Their emails linked to a notorious hacker group from North Korea.
  2. Artful Disguise: The candidate's identity was part of a network of deceptive personas, with many job applications under various names. Some of these identities had already successfully secured roles in other companies.

Opening Up the Curtains

Kraken laid out the details of the incident in a recent blog post on May 1st. The blog exposed how the candidate's background check discovered a plethora of red flags.

The Open-Source Intelligence (OSINT) investigation revealed the candidate's connection to a vast web of false identities linked to North Korean hacker organizations.

The Team's Denouement: Even a final face-to-face interview with Kraken's Chief Security Officer, Nick Percoco, and members of the team could not fool them. The candidate couldn't confirm their true location or provide accurate answers about their city and nationality, establishing them as an imposter.

"This cat-and-mouse game is their day-to-day operation. Their aim is to sneak into companies to steal intellectual property, burglarize accounts, get paid, and continue on with their illegal activities," Percoco told CBS.

Ban on Huione Group by FinCEN

Away from Kraken's saga, the US Financial Crimes Enforcement Network (FinCEN) has proposed to block the Cambodia-based Huione Group from the U.S. financial system due to ties with North Korean hacker groups. The department claims the Huione Group has facilitated cyber heists and "pig butchering" crypto scams.

According to Treasury Secretary Scott Bessent, Huione Group has laundered over $4 billion in illicit funds between August 2021 and January 2025. The group's network, including Huione Pay, Huione Crypto, and Haowang Guarantee, serves as a popular marketplace for cybercriminals.

That's not all! Huione Group's alleged activities have become a significant threat, as the group has helped North Korean hackers launder money and secretly conduct their activities in the cryptocurrency sector.

The Rise of North Korean Cryptocurrency Thefts

In 2024, cryptocurrency thefts surged to an astounding $659 million from crypto firms. These unauthorized intrusions are becoming more common in the crypto industry, often occurring through social engineering and malware, like TraderTraitor and AppleJeus.

Some North Korean IT workers have been identified as an internal threat to private companies. Recent investigations by ZachXBT, an on-chain investigator, have revealed significant North Korean involvement in decentralized finance (DeFi) protocols. Some DeFi platforms rely on an alarming amount of their monthly volume and fees from the Democratic People's Republic of Korea, creating a threat to the industry's security.

BeInCrypto is committed to providing unbiased, transparent reporting. As a responsible platform, readers are encouraged to fact-check information and consult with professionals before making any decisions based on this article.

  1. Despite the incident, Kraken continues to engage in Bitcoin trading, decentralized protocols on Ethereum, and other crypto trading.
  2. The sanctions imposed on the Huione Group by FinCEN highlight the increasing role of cybersecurity in general-news and crime-and-justice sectors.
  3. Inconsistencies in the candidate's interview responses, such as location and nationality, helped Kraken in identifying the North Korean hacker.
  4. The North Korean hacker's attempt to infiltrate Kraken's operations underscores the growing threats in the cybersecurity and technology industries.
  5. The candidate's strategy of creating false identities and posing as a job seeker has drawn attention to the increasing use of ICOs and DeFi platforms in North Korean hacking activities.
  6. The recent proposal by FinCEN to block the Huione Group has potential implications for the cryptocurrency industry, as the group has reportedly laundered over $4 billion in illicit funds.
  7. TraderTraitor and AppleJeus, two malware commonly used in crypto thefts, have been identified as tools frequently employed by North Korean hackers.
  8. The involvement of North Korean IT workers in private companies and DeFi protocols has been highlighted, exposing potential vulnerabilities in the technology sector and financial markets.
  9. The rising number of cryptocurrency thefts, estimated at $659 million in 2024, has underscored the need for enhanced cybersecurity measures in the crypto industry.
North Korean hacker's conniving job application expose highlights their devious methods and strategies.
North Korean hacker's infiltration attempt exposed by Kraken, using job candidacy disguise, providing insights into their methods and strategies.
North Korean hacker's infiltration attempt exposed: Kraken unveils cunning ruse disguising as job applicant, offering insights into their methods and approaches.

Read also:

    Related

    Latest