The Kraken attitude team, a crypto exchange based in the USA, immediately noticed that something about “Steven Smith”, a potential IT worker, was no longer applied For software engineering job in early October. But only when they compared Smith’s e -mail with a list of those who were suspected that they were part of a Hacker group were they suspected: Smith was a North Korean operator.
Octopus could only have throwed the application. Instead, Kraken’s Nick Percoco, Chief Security Officer, decided to take a closer look at Steven Smith. He saw this as an opportunity to learn more about the infiltration tactic of North Korea who have robbed billions Krypto company and how he could prevent this in octopuses.
Percoco decided to advance Smith through the attitude process, let him speak to a recruiter and carry out a technical test before taking an interview. “We said that this would get to know a cultural interview with you.” Percoco told Assets. “He really failed there. I don’t think he actually answered any questions we asked him.”
Smith claimed to have received a bachelor’s degree in computer science at New York University, according to a copy of his resume Assets. He also claimed to have more than 11 years of experience as a software engineer at companies based in the USA such as Cisco and friendly human.
The interview was planned for Halloween, a classic American vacation – especially for students in New York – that Smith seemed to know nothing.
“Watch out tonight because some people ring their doorbell, children with chainsaws,” said Percoco, referring to the tradition of trick or treatment. “What do you do when these people appear?”
Smith flipped the armpits and shook his head. “Nothing special,” he said.
Smith was also unable to answer simple questions about Houston, the city in which he supposedly lived for two years. Although Smith had listed “Food” as an interest in his CV, he could not find a direct answer when he was asked about his favorite restaurant in the Houston area. He looked around for a few seconds before he muttered: “Nothing special here”.
Here is the clip from the interview in which Smith was asked about his favorite restaurant.
When Smith was asked to present a physical ID, he had no access to you at the moment, but after a few minutes he shared a photo of a driver’s license with his name and photo. The address listed in the ID was over 300 miles from Houston.
Smith’s application is part of a growing threat to American companies because thousands of IT employees with connections to North Korea are trying to be hired abroad. The network of companies is part of the efforts to finance the country’s mass destruction program by working on several jobs at the same time and gaining access to companies to steal money from the inside.
A growing threat
Kraken might have dilated a ball, but some companies were not so lucky. The United Nations Estimates This North Korea has achieved between 250 million and 600 million US dollars a year by hiring its spies in overseas companies. A network of North Koreans, known as Famous Chollima, was behind 304 individual incidents last year, cybersecurity Company Crowdstrike reportedPredict that the campaigns will continue to grow in 2025.
Crypto has proven to be particularly susceptible to this type of social engineering. The Lazarus Group, another North Korean network, was associated with some of the greatest crypto robberies in history, including the record injury 1.5 billion US dollars hack by Crypto Exchange Bybit in February and the theft of 540 million US dollars from the Ronin network Blockchain in 2022.
Percoco does not know exactly what Smith’s intentions were, but he assumes that the operative is intended to steal means at some point. “You would receive our company equipment, you would have access to some internal systems,” said Percoco. “We don’t know what they would do afterwards, we most likely try to steal money.”
This story was originally on Fortune.com