Kraken’s employment team, a US -based encryption exchange, immediately that something about Stephen Smith, a potential information technology factor Applied For software engineering function in early October. But they did not even compared a Smith email to a list of suspects that they were part of a group of infiltrators whose doubts were confirmed: Smith was a North Korean work.
Kraken could have tossed the app. instead of, Crackers The chief security officer, Nick Persico, decided to take a closer look at Stephen Smith. He saw that this is an opportunity to learn more about infiltration tactics North Korea, which robbed billions of Curd companies, and how it can prevent this in kraken.
Percoco decided to present Smith through the recruitment process, make it talk to a recruiter and perform a technical test before preparing an interview. “We said this will be your knowledge, a kind of cultural interview.” Percoco said luck. “This is the place where he really failed. I don’t think he actually answered any questions we asked for.”
Smith claimed that he had obtained a Bachelor’s degree in Computer Science from New York University, according to a copy of his autobiography that was reviewed by luck. He also claimed that he has more than 11 years of experience as a US -based software engineer such as Cisco and Pleasly Human.
It was scheduled to meet with Halloween, a classic American holiday – especially for university students in New York – that Smith seemed to know nothing about.
“Watch out tonight because some people may see the door bell, and the children who suffer from leaflets,” said Percoco, in reference to the tradition of the trick or treatment. “What do you do when these people appear?”
Smith ignored and shook his head. “Nothing is special,” he said.
Smith was also unable to answer simple questions about Houston, the city in which he was supposed to live for two years. Despite the inclusion of “food” as an interest in his autobiography, Smith was unable to reach an answer directly when he was asked about his favorite restaurant in Houston. He looked around for a few seconds before complete, “nothing special here.”
Here is a clip from the interview where Smith was asked about his favorite restaurant.
When he was asked to produce a physical identifier, Smith said he was unable to reach one at the present time, but after a few minutes, he shared a photo of a driving license with his name and photo. The title included on the identity was more than 300 miles from Houston.
The SMITH job application is part of an increasing threat facing American companies, as thousands of assumed information technology workers with relationships with North Korea are trying to obtain a remote employment in foreign countries. Activists Network is part of an attempt to finance the weapons of mass destruction program in the country by working in multiple jobs simultaneously and reaching companies to steal money from within.
An increased threat
Kraken may have escaped from a bullet, but some companies were not very fortunate. United Nations Estimates North Korea produced between $ 250 million to $ 600 million annually by deceiving foreign companies to employ its spies. It was a network of North Koreans, known as the famous Chollima I mentionedThe campaigns will continue to grow in 2025.
Crypto has proven especially vulnerable to this type of social engineering. The Lazarus group, another network of North Koreans, has been linked to some of the largest encryption theft in history, including breaking the record $ 1.5 billion penetration From Crypto Exchange bybit in February and stealing $ 540 million from Ronin Network Blockchain in 2022.
Although Percoco does not know exactly what Smith intentions are, it is assumed that the operative aims to steal money at some point. “They will get our company’s equipment, and they will get some internal systems,” said Berkoko. “What will they do after that, we don’t know, but we most likely try to steal money.”
This story was originally shown on Fortune.com
https://fortune.com/img-assets/wp-content/uploads/2025/05/GettyImages-1135694060-e1746198722454.jpg?resize=1200,600
Source link