North Korean Hackers Attack American IT Company JumpCloud

On Jul 21, 2023 at 12:37 pm UTC

CrowdStrike confirms that the hack was carried out by the “Labyrinth Chollima” group.

A North Korean group of hackers has been identified as responsible for a recent security breach at American IT management company JumpCloud. According to cybersecurity experts, the attack may be an attempt by the hackers to gain access to multiple potential victims all at once.

In a blog post, JumpCloud confirmed that the attack took place on June 27. It further clarified that the hackers used the access they had gained to target fewer than 5 of its clients. JumpCloud did not disclose which customers were affected by the attack, but there may be reason to believe that it was about nothing more than crypto theft. That is according to sources who are closely familiar with the matter.

Meanwhile, cybersecurity firms CrowdStrike Holdings and Mandiant have also weighed in on the attack. CrowdStrike confirms that the hack was carried out by the “Labyrinth Chollima” group. Mandiant, for its part, confirmed initial suspicions that the group may be working on behalf of North Korea. According to Mandiant, the hackers responsible worked for North Korea’s Reconnaissance General Bureau (RGB), the country’s primary foreign intelligence agency.

JumpCloud Hack: Latest Development in North Korean Cyber Crimes and Crypto Theft

It is worth noting that the JumpCloud hack is not the first time that North Korea has been linked with such acts. However, the latest hack appears to signal that North Korean hackers are gradually changing their tactics.

For context, they now seem to be targeting companies that can give them broader access to multiple victims, rather than going after individual crypto firms as they did before. This technique is known as a “supply chain attack”.

But despite the various allegations against North Korea, particularly as it pertains to organizing crypto heists, the country has continued to deny its involvement.

For what it’s worth though, blockchain analytics firm Chainalysis said last year that North Korean hackers stole about $1.7 billion worth of digital assets over multiple hacks.
