New Delhi, 21st July 2023: US based cybersecurity experts stated on Thursday that, a North Korean government-backed hacking group infiltrated an American IT management company and used it as a springboard to target bitcoin enterprises.
The hackers got into Louisville, Colorado-based JumpCloud in late June and utilised their access to the company’s systems to target “fewer than 5” of its clients, according to a blog post.
JumpCloud did not identify the customers affected, but cybersecurity firms CrowdStrike Holdings, which is assisting JumpCloud, and Alphabet-owned Mandiant, which is assisting one of JumpCloud’s clients, both said the hackers involved were known to specialise in cryptocurrency theft.
Two sources with knowledge of the situation verified that the JumpCloud clients targeted by the hackers were cryptocurrency firms.
The hack demonstrates how North Korean cyber spies, who were previously willing to target digital currency corporations piecemeal, are increasingly targeting companies that might provide them with broader access to several victims downstream – a strategy known as a “supply chain attack.”
The North Korean embassy in New York did not reply to a request for comment. North Korea has repeatedly denied organising digital money heists, despite copious evidence to the contrary, including UN reports.
CrowdStrike identified the hackers as “Labyrinth Chollima,” one of numerous groups claimed to be working on behalf of North Korea. According to Mandiant, the hackers were employed by North Korea’s Reconnaissance General Bureau (RGB), the country’s premier foreign intelligence organisation.
CISA, the US cyber watchdog, and the FBI both declined to comment on the matter.
Discover more from tennews.in: National News Portal
Subscribe to get the latest posts sent to your email.
