How Kraken Outsmarted North Korean Hacker Posing as Job Applicant

Mike Scanlan

03 May 2025 — 1 min read

Kraken’s security team thwarted a sophisticated infiltration attempt by a North Korean hacker posing as a job applicant. By carefully advancing the candidate through its recruitment process, Kraken identified a larger network of fake identities tied to state-sponsored cyberattacks.

Fake IDs, VPNs, and Github: Inside Kraken’s Hunt for a State-Sponsored Hacker

In a striking example of cybersecurity vigilance, crypto exchange Kraken has revealed it recently uncovered and neutralized an attempt by a North Korean hacker to infiltrate the company via its hiring process.

According to its official blog post on the event, what began as a routine engineering job application quickly raised red flags. The applicant used inconsistent names, switched voices mid-interview (suggesting live coaching), and operated through cloaked systems like colocated Macs and VPNs. Crucially, their email matched intelligence shared by industry partners about known hacker networks targeting crypto companies.

Rather than reject the candidate immediately, Kraken’s security team strategically advanced them through its recruitment pipeline. The aim? To collect intelligence. Using OSINT tools and breach data analysis, the team uncovered a network of fake identities linked to the suspect, including past work credentials and even a sanctioned foreign agent alias.

The ruse unraveled during a final interview with Kraken’s CSO, where identity verification prompts like showing ID and answering local trivia exposed the applicant as an imposter. Commenting on the event, Kraken CSO Nick Percoco, said:

State-sponsored attacks aren’t just a crypto, or U.S. corporate issue, they’re a global threat. Any individual or business handling value is a target, and resilience starts with operationally preparing to withstand these types of attacks.

Kraken’s experience highlights a growing threat in crypto: attackers now walk through the front door, not just breach the firewall. With AI aiding deception, companies must apply dynamic, real-time verification methods and foster a culture of security awareness across all departments, not just IT.

Bitcoin ATMs: How does CoinMover Work?

As cryptocurrency becomes more mainstream, Bitcoin ATMs (BTMs) are quickly emerging as the fastest, easiest way to buy and sell Bitcoin with cash. At CoinMover, we’re proud to power one of the most trusted Bitcoin ATM networks in Massachusetts, New Hampshire, Rhode Island, and Connecticut — offering everyday users a

Athena Bitcoin asks Stillwater to repeal cryptocurrency ATM ban

A Miami company that owns three cryptocurrency ATMs in Stillwater is asking the city to repeal an ordinance banning the machines. Officials from Athena Bitcoin, which operates more than 3,500 cryptocurrency ATMs across 35 states, say the city’s new ordinance banning crypto ATMs violates state law. The ordinance,

Arizona’s crypto reserve bill Heads to Final House Vote

Arizona’s Digital Asset Reserve bill is heading to a final House vote after clearing the Committee of the Whole. On April 17, Arizona’s State Bill 1373, also referred to as the Strategic Digital Asset Reserve Bill, moved one step closer to becoming law after being approved by the

Colorado Overhauls Money Transmission Law to Align with Multistate Licensing Standards

On April 16, the Colorado General Assembly enacted House Bill 25-1201, replacing the state’s prior money transmitter law with the Money Transmission Modernization Act (the “Act”). Modeled on the multistate framework developed by the Conference of State Bank Supervisors (CSBS), the Act aims to align Colorado’s licensing and

Fake IDs, VPNs, and Github: Inside Kraken’s Hunt for a State-Sponsored Hacker

Read more

Bitcoin ATMs: How does CoinMover Work?

Athena Bitcoin asks Stillwater to repeal cryptocurrency ATM ban

Arizona’s crypto reserve bill Heads to Final House Vote

Colorado Overhauls Money Transmission Law to Align with Multistate Licensing Standards