Altcoins Talks - Cryptocurrency Forum
Learning & News => News related to Crypto => Topic started by: ABCbits on May 05, 2025, 11:53:31 AM
-
A North Korean agent applied for a job at a popular crypto firm: They tripped him up with a simple question about Halloween
The hiring team at Kraken, a U.S-based crypto exchange, noticed immediately that something was off about “Steven Smith,” a would-be IT worker who applied (https://fortune.com/2025/04/10/north-korean-it-workers-spamming-github-resumes-insult-kim-jong-un-harrison-leggio/) for a software engineering job in early October. But it wasn’t until they compared Smith’s email to a list of those suspected to be part of a hacker group that their suspicions were confirmed: Smith was a North Korean operative... Read more here (https://fortune.com/crypto/2025/05/03/north-korean-applied-job-crypto-kraken-it-worker/).
It's good to see Kraken perform detailed check. And for those who're being skeptical, Kraken also share about this matter on https://blog.kraken.com/news/how-we-identified-a-north-korean-hacker (https://blog.kraken.com/news/how-we-identified-a-north-korean-hacker) and https://www.youtube.com/watch?v=2vXHlnjKbBI (https://www.youtube.com/watch?v=2vXHlnjKbBI). Your opinion is greatly appreciated.
-
Wow, so maybe the hacking is with people on the inside, and I think that explains all that with the recent hacks and how they were able to breach security. I hope that a lot of centralized exchanges will vet their possible employees.
Thank you for sharing this op. I didn't know it was like this.
-
this could be the exact method of north koreans infiltrating various crypto exchanges and knowing all about the ins and the outs and when and where they could be vulnerable enougn to attack
i just find it weird how unprepared this supposedly north korean agent is, surely they do not operate this sloppy and they would at least come up with better proof of their identity
-
i just find it weird how unprepared this supposedly north korean agent is, surely they do not operate this sloppy and they would at least come up with better proof of their identity
Yeah, i would speculate those agents haven't been trained against company who become aware of their infiltration attempt. Although it's possible that they assume some of the question (about culture of where they claimed to live) is part of casual or icebreaker discussion.
-
A North Korean agent applied for a job at a popular crypto firm: They tripped him up with a simple question about Halloween
The hiring team at Kraken, a U.S-based crypto exchange, noticed immediately that something was off about “Steven Smith,” a would-be IT worker who applied (https://fortune.com/2025/04/10/north-korean-it-workers-spamming-github-resumes-insult-kim-jong-un-harrison-leggio/) for a software engineering job in early October. But it wasn’t until they compared Smith’s email to a list of those suspected to be part of a hacker group that their suspicions were confirmed: Smith was a North Korean operative... Read more here (https://fortune.com/crypto/2025/05/03/north-korean-applied-job-crypto-kraken-it-worker/).
It's good to see Kraken perform detailed check. And for those who're being skeptical, Kraken also share about this matter on https://blog.kraken.com/news/how-we-identified-a-north-korean-hacker (https://blog.kraken.com/news/how-we-identified-a-north-korean-hacker) and https://www.youtube.com/watch?v=2vXHlnjKbBI (https://www.youtube.com/watch?v=2vXHlnjKbBI). Your opinion is greatly appreciated.
Hackers this days apply several new strategies to succeed on their illegal operations, I won't be surprised that this could be some of their methods, it is wake up call for all exchanges to be vigilant especially during recruitment seasions.
I think is appropriate to use more stronger means in conducting interview especially when employing foreigners. Some of the questions or inquiries about candidates nationality should be added on jobs interviews in my opinion.
-
I am sure that Steven Smith (or whatever his real name is) now learned a very important lesson on cultural things before trying to infiltrate a well-known crypto-based firm. Good to see Kraken publishing this story which can be serving as a warning to other organizations to be careful and vet well the people they are taking in to be a part of the ranks. Imagine the idea of trusting and paying someone to be your employee and that employee has the intention of doing some social engineering that can be used later for some hacking purposes....this what may happen if Steven Smith passed the test initiated by Kraken. I am looking for a movie to be made based on this story.
-
This is such a strange story to me, because if it's about a foreign agent trying to infiltrate some company, then it makes no sense to me that he would come to the interview completely unprepared. It makes no sense at all that he claims to live in city A, and then shows documents that actually show an address 300 miles away from where he lives.
Besides, what kind of secret agent is he who uses an e-mail address that is on the blacklist of NK hackers to apply for a job? If NK secret agents are so unintelligent, I wonder how they even manage to hack anyone...
-
Credit to Kraken for detecting that early and not letting it pass. It illustrates how severe the issue is getting in the crypto industry especially with bad actors from state supported entities. The fact that something as simple as a Halloween inquiry helped expose it is wild but also somewhat smart. Firms definitely need to be smart like this more than ever now