Wednesday, September 27, 2023

A North Korean hacker group hacked a US Tech company to steal cryptocurrency.

Must read

Jumpcloud logo and binary codes are seen in this illustration taken July 19, 2023. REUTERS/Dado Ruvic/Illustration


  • In late June, North Korean hacking group, “Labyrinth Chollima,” breached an American IT management company, JumpCloud.
  • The hackers targeted JumpCloud’s cryptocurrency company clients to steal digital currencies.
  • CrowdStrike confirms Labyrinth Chollima’s involvement and says their primary objective is generating revenue for the regime.
  • JumpCloud is working with cybersecurity firm CrowdStrike to investigate the incident.
  • North Korean hacking groups are becoming adept at “supply chain attacks” targeting software or service providers.
  • Labyrinth Chollima is responsible for significant cryptocurrency theft, estimated at $1.7 billion in total value.

A group of North Korean hackers, known as “Labyrinth Chollima,” breached an American IT management company, JumpCloud, in late June, according to sources familiar with the matter.

The hackers used their access to the company’s systems to target JumpCloud’s cryptocurrency company clients in an attempt to steal digital cash.

This incident highlights North Korean cyber spies’ new approach of targeting companies that can provide them with access to multiple sources of Bitcoin and other digital currencies.

JumpCloud acknowledged the hack in a blog post last week and attributed it to a “sophisticated nation-state sponsored threat actor.” The company did not respond to questions about who was behind the hack and which clients were affected.

A JumpCloud spokesperson stated that fewer than five customers were impacted, and whether digital currency was stolen is unclear. Cybersecurity firm CrowdStrike Holdings confirmed that Labyrinth Chollima was behind the breach and is working with JumpCloud to investigate the incident.

According to CrowdStrike Senior Vice President for Intelligence Adam Meyers, the hackers’ primary objective has been generating revenue for the regime. Pyongyang’s mission to the United Nations in New York did not respond to Reuters’ request for comment. North Korea has previously denied involvement in digital currency heists, despite evidence to the contrary, including UN reports.

The JumpCloud breach is the latest in a series of recent breaches that show how North Koreans have become skilled at “supply chain attacks,” or hacks that compromise software or service providers to steal data or money from downstream users.

“North Korea, in my opinion, is really stepping up their game,” said cybersecurity researcher Tom Hegel, who works for US firm SentinelOne.

JumpCloud’s products help network administrators manage devices and servers. The firm emailed customers earlier this month, informing them that their credentials would be changed “out of an abundance of caution relating to an ongoing incident.

” The hack on JumpCloud first surfaced publicly when the company acknowledged the incident was a hack and traced it back to June 27. The US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI declined to comment.

Labyrinth Chollima is one of North Korea’s most prolific hacking groups and is responsible for some of the isolated country’s most daring and disruptive cyber intrusions. Its theft of cryptocurrency has led to the loss of significant sums.

Blockchain analytics firm Chainalysis estimated that North Korean-linked groups stole around $1.7 billion worth of digital cash across multiple hacks. CrowdStrike’s Meyers warns that Pyongyang’s hacking squads should not be underestimated.

“I don’t think this is the last we’ll see of North Korean supply chain attacks this year,” he said.



More articles

Save Money

How to Receive Compensation for Delayed and Canceled Flights 2023

Air travel, often punctuated by delays, has spurred an increasing need for passenger compensation. You have your right to receive Compensation for Delayed and...
Ethan Rivers
Ethan Rivers
Hi there! I'm Ethan Rivers, a financial enthusiast and the proud author behind the popular financial blog, "Roms Deals." With a passion for helping others achieve financial freedom, I've spent years diving deep into the intricacies of personal finance, investment strategies, and wealth management. Through my blog, I aim to demystify the world of finance and provide practical tips that anyone can apply to their financial journey. Having worked in the financial industry for over a decade, I've gained valuable insights and experience that I love sharing with my readers. From navigating the stock market to maximizing savings, I strive to equip individuals with the knowledge and tools they need to make informed financial decisions. Join me on this exciting journey towards financial empowerment and let's unlock the doors to a brighter financial future together. Welcome to "Roms Deals"!

Latest article