A North Korean hacking group broke into a US-based American IT management company and then used it to target an unknown number of cryptocurrency companies, according to a report. The group that is claimed to have government support has been named Labyrinth Cholima.
News agency Reuters, citing two sources familiar with the matter, said that hackers broke into the enterprise software company jumpcloud End of June. The report also states that hackers used this access to target customers of their cryptocurrency company in an attempt to steal digital cash.
JumpCloud acknowledged the hack in a blog post last week and attributed it to a “sophisticated nation-state sponsored threat actor.” The company has not said which of its customers have been affected.
Violation investigation ongoing
During this, Cyber security The company is working with JumpCloud to investigate the CrowdStrike Holdings breach. It confirmed that North Korean hackers were behind the breach. Adam Meyers, CrowdStrike’s senior vice president of intelligence, said hackers have a history of targeting cryptocurrency companies.
He was quoted as saying, “One of their primary objectives is to generate revenue for the regime.”
The Reuters report also claimed that cyber security researcher Tom Heigel said the JumpCloud intrusion shows how North Koreans have become adept at hacking software or service providers to steal data – or money – from users.
“North Korea is really stepping up their game in my opinion,” said Hagel, who works for US firm SentinelOne. He said digital indicators published by JumpCloud link hackers to previously attributed activity North Korea,
Labyrinth Chollima is said to be one of North Korea’s most prolific hacking groups and is reportedly responsible for some of the most daring and disruptive cyber intrusions.
According to blockchain analytics firm Chainalysis, hacking groups linked to North Korea have stolen an estimated $1.7 billion in cryptocurrency through multiple hacks.
News agency Reuters, citing two sources familiar with the matter, said that hackers broke into the enterprise software company jumpcloud End of June. The report also states that hackers used this access to target customers of their cryptocurrency company in an attempt to steal digital cash.
JumpCloud acknowledged the hack in a blog post last week and attributed it to a “sophisticated nation-state sponsored threat actor.” The company has not said which of its customers have been affected.
Violation investigation ongoing
During this, Cyber security The company is working with JumpCloud to investigate the CrowdStrike Holdings breach. It confirmed that North Korean hackers were behind the breach. Adam Meyers, CrowdStrike’s senior vice president of intelligence, said hackers have a history of targeting cryptocurrency companies.
He was quoted as saying, “One of their primary objectives is to generate revenue for the regime.”
The Reuters report also claimed that cyber security researcher Tom Heigel said the JumpCloud intrusion shows how North Koreans have become adept at hacking software or service providers to steal data – or money – from users.
“North Korea is really stepping up their game in my opinion,” said Hagel, who works for US firm SentinelOne. He said digital indicators published by JumpCloud link hackers to previously attributed activity North Korea,
Labyrinth Chollima is said to be one of North Korea’s most prolific hacking groups and is reportedly responsible for some of the most daring and disruptive cyber intrusions.
According to blockchain analytics firm Chainalysis, hacking groups linked to North Korea have stolen an estimated $1.7 billion in cryptocurrency through multiple hacks.