The Kraken Team Uncovered a North Korean Spy Among Job Applicants

By: cryptosheadlines|2025/05/03 14:45:01
0
Share
copy
Airdrop Is Live CaryptosHeadlines Media Has Launched Its Native Token CHT. Airdrop Is Live For Everyone, Claim Instant 5000 CHT Tokens Worth Of $50 USDT. Join the Airdrop at the official website, CryptosHeadlinesToken.com A North Korean hacker attempted to infiltrate the development ranks of cryptocurrency exchange Kraken under the guise of a candidate for an engineering position.According to the team’s report, the applicant immediately seemed suspicious. He joined the first online interview under a name different from the one on his resume, but quickly changed it. During the conversation, the candidate “periodically changed intonation” as if someone was giving him instructions in real time.Industry partners warned the company about the likelihood of encountering a spy among potential employees and provided a list of email addresses linked to a group of North Korean hackers. A Kraken candidate used one of the listed addresses when applying.Exchange specialists initiated an investigation that revealed a network of fake identities and aliases under which the hacker tried to get a job in companies in the crypto industry and other sectors. In some cases, the attacker managed to get the desired position.Upon closer examination, experts discovered the hacker’s attempts to hide his location and forged documents with other people’s data.The team put the spy candidate through several rounds of interviews and background checks to gain insight into his identity and tactics. In the final online meeting, the hacker was asked to show his ID and recommend establishments in the city where he supposedly resides. These routine checks took the applicant by surprise, and he was unable to provide convincing answers.“Don’t trust, verify. This core crypto principle is more relevant than ever in the digital age. State-sponsored attacks aren’t just a crypto, or U.S. corporate, issue – they’re a global threat. Any individual or business handling value is a target, and resilience starts with operationally preparing to withstand these types of attacks,” Nick Percoco, the firm’s head of security, commented on the incident.Kraken specialists noted that as cyber threats evolve, maintaining security relies more and more heavily on a holistic proactive approach: “A culture of productive paranoia is key.”North Korean Hackers Created Fake Companies to Scam UsersContagious Interview, a group linked to the North Korean hacking organization Lazarus, has registered three shell companies to distribute malware. This is according to the Silent Push report.The firms BlockNovas, Angeloper Agency and SoftGlide are being used to deceive users through fake interviews.Silent Push senior analyst Zach Edwards said the two fictitious companies are registered in the United States.According to Silent Push, hackers create fake employee profiles using images generated by artificial intelligence. They also steal photos of real people to boost the credibility of their firms. Analysts reported that attackers find victims through fake job ads on GitHub and freelancing platforms.During the “interview”, the potential victim encounters a video recording error. The solution is a “simple copy-and-paste trick” that leads to a malware download. Silent Push has identified three types of “infectious” software: BeaverTail, InvisibleFerret, and Otter Cookie. These programs aim to steal information, including cryptocurrency wallet keys.According to Edwards, the hacking campaign has been going on since 2024, since then FBI liquidated the firm Blocknovas. Among the victims there are well-known public users, the expert noted.Hackers stole $100,000 from CEO Emblem Vault via ZoomThe head of NFT platform Emblem Vault, Jake Gallen, claimed to have lost more than $100,000 in cryptocurrency due to attackers using Zoom.According to him, the incident occurred during a video call with a crypto community member who identified himself as the owner of a mining platform. Gallen reported that scammers installed GOOPDATE malware on his computer. Several cryptocurrency wallets were compromised, resulting in the loss of bitcoins and Ethereum. Gallen partnered with The Security Alliance (SEAL) to analyze the attack. The company determined that ELUSIVE COMET, a group that uses social engineering to install malware and steal cryptocurrencies, was responsible;According to Gallen, he got into a Zoom meeting with a crypto-enthusiast with 26,000 subscribers on X. During the video call, the attacker used the remote access feature to install the program. SEAL experts tested Zoom and confirmed that by default, the platform allows guests to request remote access to the computer. A researcher under the nickname samczsun told Cointelegraph that for a successful attack, an attacker would need to convince the victim to manually grant such access. The hackers later hacked into Gallen’s X account and tried to use it to lure new victims in private messages. They also gained access to Ledger’s hardware wallet, even though Gallen had used it several times over three years. SEAL experts link the ELUSIVE COMET group to Aureon Capital, which is responsible for “millions of dollars in stolen funds” and poses a significant risk to users because of its “elaborate backstory.”Source link

-- Price

--

You may also like

Should You Buy Bitcoin Now? What the Data Says After a 50% Pullback

Should you buy Bitcoin now? Explore Bitcoin's nearly 50% pullback, ETF outflows, on-chain data, Strategy's BTC sale, and historical trends to assess whether July 2026 is a buying opportunity.

Founder of Baixing.com: I believe half of the statement that large language models devour everything

The internet has been shouting for so many years about devouring everything. Has it really devoured everything now? Is it the internet that devours everything, or is it the large models that devour everything? Both are devouring, and nothing is left?

A "legal" robbery? Attackers emptied the BonkDAO treasury by buying tickets

Handing over the keys to the vault to a public vote where "anyone can spend money to participate," without sufficient oversight mechanisms, even the most legitimate governance ideals may turn into the most convenient tools for attackers.

How has Binance's stock business performed in the 30 days since its launch?

Emerging market buying supported the first wave of demand.

WEEX P2P now supports BDT & LKR—Merchant Recruitment Now Open

To make crypto deposits easier, WEEX has officially launched its P2P trading platform and continues to expand fiat support. We're excited to announce that the Bangladeshi Taka (BDT) and Sri Lankan Rupee (LKR) are now available on WEEX P2P!

Morning News | SK Hynix officially launches the marketing promotion process for its U.S. stock listing; the Central Cyberspace Administration announces the results of the first phase of rectifying AI application chaos, with over 14,000 non-compliant pr...

July 6 Market Important Events Overview

Contents

Popular coins

Latest Crypto News

Read more
iconiconiconiconiconiconicon
Customer Support:@weikecs
Business Cooperation:@weikecs
Quant Trading & MM:[email protected]
VIP Program:[email protected]