Kraken identified a North Korea-linked applicant during an engineering hiring process after the candidate joined calls under inconsistent names, appeared coached, and matched an email address shared by industry partners. Kraken's Red Team tied the applicant to a network of fake identities through OSINT, breach data, work email links, colocated Mac desktops, VPN use, and an apparently altered identity document. The company advanced the interview process deliberately to test the applicant, including live location and ID checks that the candidate could not answer convincingly. The case shows how crypto firms can treat recruiting as an intrusion path and use identity, device, and behavioral verification to detect DPRK job-seeker operations.