CoinDesk Podcast Network How Kraken Unmasked a North Korean Hacker
May 2, 2025
Nick Percoco, Chief Security Officer at Kraken, sheds light on his team's remarkable investigation into a North Korean hacker who applied for a job at the crypto exchange. He discusses how they uncovered vulnerabilities in the recruitment process, emphasizing the critical need for thorough vetting against known adversaries. Percoco shares insights from a troubling interview that revealed a lack of preparation by the candidate. The conversation also touches on the risks associated with AI in interviews and the importance of assessing both technical skills and soft skills in cybersecurity hiring.
AI Snips
Chapters
Books
Transcript
Episode notes
North Korean Hacker Job Application
- Kraken identified a North Korean hacker applicant through matching a known adversary email address in their recruitment system.
- They conducted interviews revealing the applicant's ill-preparedness and cultural ignorance, confirming suspicion.
Crypto Hiring Vulnerabilities
- Crypto firms often prioritize technical skills over personal or geographic authenticity, creating vulnerability.
- Candidates may fake skills and use AI, making technical vetting alone insufficient.
Vet Candidates Beyond Skills
- Focus on soft skills and personal attributes during interviews, not just technical skills.
- Ask candidates about personal interests to quickly identify inconsistencies in their background.
