We identified a North Korean hacker who tried to get a job

Generative AI and the changing threat model

  • Commenters note that generative AI makes it much easier to fake résumés, written assessments, and even live interviews, especially technical online assessments (OAs such as LeetCode/HackerRank).
  • Some argue this will push hiring back toward real-time, unscripted tests and in-person evaluation; others say interviews were already broken and AI just exposes that.

“How fat is Kim Jong Un?” and cultural shibboleths

  • A widely discussed tactic is asking a candidate to say something insulting about Kim Jong Un to “out” North Korean operatives.
  • Supporters claim NK’s cult-like environment makes many operators unwilling to say anything critical, even when it would help their mission.
  • Skeptics find this implausible, pointing out professional spies can lie strategically and that legitimate candidates would also hang up or complain about such a question.
  • Many see these culture/geo “gotcha” questions (local restaurants, slang, etc.) as unreliable, with high false positives and false negatives.

Remote hiring, fake identities, and overemployment

  • Multiple anecdotes describe fake candidates with polished LinkedIn/GitHub profiles, VoIP numbers, VPNs, and mismatched identities, sometimes backed by whole teams.
  • Recruiters report huge volumes of suspect applicants, especially for remote US roles; some companies now require full-time recruiters just to sift fakes.
  • There’s concern that stricter screening will disproportionately hurt privacy-conscious or foreign candidates and drive hiring back toward elite schools and networking.

Verification practices and legal/ethical concerns

  • Suggested mitigations: video ID checks, asking for local knowledge, on-site final rounds, even flying candidates in, and vetting remote hires the way contractors are vetted.
  • Others warn about discrimination (by accent, nationality, or location), privacy issues, and the risk of looking like a scam when asking for ID or odd questions.

Subcontracting and “farming out” the job

  • Several stories describe employees secretly outsourcing their work to cheaper labor or multiple-job “overemployment.”
  • Some see this as pure fraud and a security nightmare (credentials and data leaving the org); others argue if the work is good, the real problem is misaligned employment models.

Critique of Kraken’s post and the security industry

  • Many view the “OSINT investigation” as mostly basic Googling plus an externally supplied list of suspect email addresses, overhyped for marketing.
  • Some think advancing a known hostile candidate through the process to “study” them was reckless and may have taught attackers more than it revealed.
  • Broader criticism targets the security and crypto sectors as hype-driven, process-poor, and more focused on optics, tools, and blame-shifting than robust hiring and access controls.