How Kraken Outsmarted North Korean Hacker Posing as Job Applicant

Mike Scanlan

03 May 2025 — 1 min read

Kraken’s security team thwarted a sophisticated infiltration attempt by a North Korean hacker posing as a job applicant. By carefully advancing the candidate through its recruitment process, Kraken identified a larger network of fake identities tied to state-sponsored cyberattacks.

Fake IDs, VPNs, and Github: Inside Kraken’s Hunt for a State-Sponsored Hacker

In a striking example of cybersecurity vigilance, crypto exchange Kraken has revealed it recently uncovered and neutralized an attempt by a North Korean hacker to infiltrate the company via its hiring process.

According to its official blog post on the event, what began as a routine engineering job application quickly raised red flags. The applicant used inconsistent names, switched voices mid-interview (suggesting live coaching), and operated through cloaked systems like colocated Macs and VPNs. Crucially, their email matched intelligence shared by industry partners about known hacker networks targeting crypto companies.

Rather than reject the candidate immediately, Kraken’s security team strategically advanced them through its recruitment pipeline. The aim? To collect intelligence. Using OSINT tools and breach data analysis, the team uncovered a network of fake identities linked to the suspect, including past work credentials and even a sanctioned foreign agent alias.

The ruse unraveled during a final interview with Kraken’s CSO, where identity verification prompts like showing ID and answering local trivia exposed the applicant as an imposter. Commenting on the event, Kraken CSO Nick Percoco, said:

State-sponsored attacks aren’t just a crypto, or U.S. corporate issue, they’re a global threat. Any individual or business handling value is a target, and resilience starts with operationally preparing to withstand these types of attacks.

Kraken’s experience highlights a growing threat in crypto: attackers now walk through the front door, not just breach the firewall. With AI aiding deception, companies must apply dynamic, real-time verification methods and foster a culture of security awareness across all departments, not just IT.

Corporate Giants Are Buying Bitcoin—What’s Stopping You?

GameStop just made headlines by purchasing 4,710 bitcoins—worth over $500 million—as part of its new treasury strategy . This move aligns with companies like MicroStrategy, which now holds more than 580,000 BTC valued at over $40 billion . Even Trump Media is raising $2.5 billion to build

What's the deal with bitcoin ATMs?

Bitcoin ATMs have been in the news lately...for bad reasons. What's the deal with bitcoin ATMs like CoinMover? Bitcoin ATMs, like the ones CoinMover has, have been in the news lately, and not for the right reasons. The Arizona House of Representatives introduced a bill to combat

Bitcoin ATMs: How does CoinMover Work?

As cryptocurrency becomes more mainstream, Bitcoin ATMs (BTMs) are quickly emerging as the fastest, easiest way to buy and sell Bitcoin with cash. At CoinMover, we’re proud to power one of the most trusted Bitcoin ATM networks in Massachusetts, New Hampshire, Rhode Island, and Connecticut — offering everyday users a

Athena Bitcoin asks Stillwater to repeal cryptocurrency ATM ban

A Miami company that owns three cryptocurrency ATMs in Stillwater is asking the city to repeal an ordinance banning the machines. Officials from Athena Bitcoin, which operates more than 3,500 cryptocurrency ATMs across 35 states, say the city’s new ordinance banning crypto ATMs violates state law. The ordinance,

Fake IDs, VPNs, and Github: Inside Kraken’s Hunt for a State-Sponsored Hacker

Read more

Corporate Giants Are Buying Bitcoin—What’s Stopping You?

What's the deal with bitcoin ATMs?

Bitcoin ATMs: How does CoinMover Work?

Athena Bitcoin asks Stillwater to repeal cryptocurrency ATM ban