- Kraken stops hacker posing as engineer in job application.
- Final interview traps hacker with location, ID questions.
Kraken, a well-known cryptocurrency exchange, recently revealed a serious security threat. The North Korean hacker attempted a breach of the organization by using fraudulent employment paperwork to apply as an engineering candidate. Kraken detected the suspicious activity through the teamwork of their trained security personnel and IT experts.
Kraken Uses OSINT to Expose State-Backed Hacker
At first, the recruitment procedure started out as conventional for standard hiring practices. The indications started to appear unusually. An applicant joined their opening interview under a different name than their résumé. The initial warning signal became visible to the company during this event. When the applicants’ voice showed unexpected minute variations in pitch, the interviewers became suspicious. The candidate seemed to get continuous guidance from another person during the interview, which produced further suspicions.
Interestingly, it proved noteworthy that Kraken received an early warning about the development. Industry partners notified the company that North Korean hackers were engaging in cryptocurrency job applications at private companies. The company was given a complete list containing problematic email addresses. One of the email addresses listed by the applicant turned out to belong to this candidate.
Kraken responded to the suspicious job candidate with a strategic decision instead of immediate refusal. The security staff chose to maintain pretensions. The interview evaluation process allowed personnel to collect successive information from the job candidate. By doing this, they proved the applicant was indeed a fraudulent person.
The Red Team at Kraken initiated an Open-Source Intelligence (OSINT) effort. The researchers traced the candidate’s email through multiple fake identity registrations that appeared in different data breaches. Previous identities owned by this applicant had been employed to seek work at various technology companies. Some employees out of the potential candidates had already accepted positions at the same companies.
North Korean Spy Unmasked in Final Interview at Kraken
Additional evidence consistently suggested the applications were illegitimate. The candidate utilized remote Mac desktops connected through a VPN as a way to conceal their actual physical location. A GitHub account belonging to the candidate had been flagged by a past data leak through its email address. The presented identification document displayed signs of falseness since it was connected to a known incident of identity theft.
To confirm their suspicions, Kraken’s team set up a final “chemistry” interview. Company chief security officer Nick Percoco linked up with others during the conference call. The interview turned out to be a deliberate extraction process rather than a typical candidacy assessment.
The candidate needed to prove their location by showing valid government identification while under examination. In addition to this, the interviewers posed basic questions to obtain recommendations regarding dining options in the geographic area in where the candidate claimed to reside. The hacker was unable to respond to basic questions asked during the interview. The interviewer quickly noticed the candidate’s nervous behavior because he did not succeed during verification procedures.
In the end, Kraken declared the attack stemmed from state sponsorship. No actual job candidate was participating in the process because it turned out to be a North Korean hacker who attempted to break into the company.
Nick Percoco from the CSO Department advised followers to confirm through verification rather than trust blindly. That principle is vital today. Hacker assaults affect businesses and nations throughout the world.
The incident functions as an urgent warning for every enterprise worldwide. Future attacks can occur through methods different than malware. The attackers take advantage of job application systems to implement their malicious strategies. Therefore, the defensive framework of companies requires HR departments to participate in maintaining security.
The post Kraken Outsmarts North Korean Hacker Posing as Job Candidate appeared first on Live Bitcoin News.