Instead of immediately rejecting the suspicious application, Kraken’s security team strategically advanced the candidate through multiple interview stages, gathering critical intelligence about state-sponsored hacking techniques in the process. Industry partners had previously warned crypto companies about North Korean hackers applying for positions, providing a list of email addresses linked to the hacker group-one of which matched the candidate’s application email. Their resume was linked to a GitHub profile containing an email address exposed in a past data breach, and their primary identification appeared altered, likely using details stolen in an identity theft case. This case serves as a warning to companies across industries: sometimes the biggest security threats don’t attempt to breach your systems from the outside-they try to walk through the front door with a resume in hand. The final interview included subtle verification challenges, such as asking the candidate to recommend local restaurants in their claimed city of residence-a test the hacker failed, becoming flustered and unable to provide convincing answers. Kraken’s security team investigated the suspicious applicant using Open-Source Intelligence (OSINT) gathering methods. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. Earlier this year, the Lazarus Group was implicated in the record-breaking $1.5 billion theft from cryptocurrency exchange ByBit, with hackers already laundering approximately $300 million of those stolen funds. “Even more suspicious, the candidate occasionally switched between voices, indicating they were being coached through the interview in real time”. Gurubaran is a co-founder of Cyber Security News and GBHackers On Security.
This Cyber News was published on cybersecuritynews.com. Publication date: Mon, 05 May 2025 12:20:06 +0000