A hacking group backed by the North Korean government has broken into an IT company in the US in a bid to target cryptocurrency companies. reuters The news was given on Thursday quoting sources.
JumpCloud, which provides identity and access management tools for enterprise devices, blamed a “sophisticated nation-state sponsored threat actor” for the hacking, without specifying who was behind it.
Sources said hackers had infiltrated Jumpcloud last month to steal cryptocurrencies by accessing the company’s systems to target the company’s customers.
North Korean cyber spies are now attacking companies through which they can access multiple sources of bitcoin and other digital currencies.
According to a spokesperson for the IT company, the hack affected only less than five customers.
However, it was confirmed by cyber security firm CrowdStrike Holdings that “Labyrinth Chollima” – a North Korean hacking group – was behind the attack.
“One of their primary objectives is to generate revenue for governance,” said Adam Meyers, CrowdStrike’s senior vice president.
His allegation was also supported by independent research.
Cybersecurity researcher Tom Hagel told Reuters it was the latest intrusion by North Korean hackers, showing how they have become involved in “supply chain attacks” or elaborate hacks.
“North Korea is really stepping up their game in my opinion,” Hagel said.
Labyrinth Chollima is one of the most prolific hacking groups in North Korea and is said to have perpetrated some of the most daring and disruptive cyber intrusions.
Chainalysis, a blockchain analytics firm, said last year that groups linked to North Korea stole about $1.7 billion worth of digital cash with multiple hacks.
