Cybercrime: North Korean Hacker Caught
A North Korean hacker attempted to infiltrate a US tech company by applying for a technical role at the Kraken Cryptocurrency Exchange. Instead of rejecting his resume, the company allowed him to proceed with the recruitment process to gather intelligence on his tactics.
The Recruitment Process
The first red flag appeared when the hacker connected to a video call using a different name than the one on his resume, and his voice occasionally changed during the interview. Further investigation revealed that his email address was linked to a large network of fake identities and aliases used by a hacking group. The forensic examination of his ID showed that it had been altered, and possibly contained details of identity theft victims.
Trapping the Hacker
Traps were set during the final interview when the hacker was asked to verify his location and recommend restaurants in the city he claimed to live in. The candidate was unable to answer these simple questions convincingly, revealing his true intentions. At the end of the interview, it was clear that the applicant was not legitimate, but a fraudster attempting to infiltrate the company’s systems.
The Threat of State-Funded Attacks
Kraken’s Chief Security Officer, Nick Percoco, warned that state-funded attacks are a global threat. While some hackers try to break in, others attempt to walk through the front door. Although artificial intelligence makes it easier to deceive companies, real-time verification tests can often catch fraudsters. Studies by the Google Threat Intelligence Group indicate that this is a growing problem, with North Korean IT employees receiving employment from large companies in the US and Europe, and using their salaries to generate income for the secret state.
The Risks of Malicious Actors
In some cases, malicious actors extend their employment by threatening to reveal economically sensitive information. The use of artificial intelligence can make it easier for hackers to deceive companies, but it is not foolproof. Real-time verification tests can often catch fraudsters, and companies must remain vigilant to protect themselves from these types of threats. The incident highlights the importance of robust security measures and thorough background checks to prevent malicious actors from infiltrating company systems.
