CrowdStrike confirms that the hack was carried out by the “Labyrinth Chollima” group.
A North Korean group of hackers has been identified as responsible for a recent security breach at American IT management company JumpCloud. According to cybersecurity experts, the attack may be an attempt by the hackers to gain access to multiple potential victims all at once.
In a blog post, JumpCloud confirmed that the attack took place on June 27. It further clarified that the hackers used its access to target fewer than 5 of its clients. And though JumpCloud did not disclose which customers were affected by the attack, there might be reasons to believe that it was about nothing more than crypto theft. That is according to sources closely familiar with the matter.
Meanwhile, cybersecurity firms CrowdStrike Holding and Mandiant have also weighed in on the attack. CrowdStrike confirms that the hack was carried out by the “Labyrinth Chollima” group. Mandiant, for its part, confirmed initial suspicions that the group may be working on behalf of North Korea. According to Mandiant, the hackers responsible worked for North Korea’s Reconnaissance General Bureau (RGB), the country’s primary foreign intelligence agency.
JumpCloud Hack: Latest Development in North Korean Cyber Crimes and Crypto Theft
It is worth noting that the JumpCloud hack is not the first time that North Korea has been linked to such acts. However, the latest hack appears to signal that North Korean hackers are gradually adapting their methods.
For context, they now seem to be targeting companies that can give them broader access to multiple victims, rather than going after individual crypto firms as they did before. This technique is known as a “supply chain attack”.
But despite the various allegations against North Korea, particularly as it pertains to organizing crypto heists, the country has continued to deny its involvement.
For what it’s worth though, blockchain analytics firm Chainalysis said last year that North Korean hackers stole about $1.7 billion worth of digital assets over multiple hacks.