• North Korean state-backed hackers exploited a cloud services provider called JumpCloud to steal funds from crypto companies.
• Crowdstrike, a cybersecurity firm collaborating with JumpCloud to probe the incident, attributed the attack to a group known as Labyrinth Chollima.
• JumpCloud announced North Korea as the perpetrator of the attack and disclosed that less than five of the company’s 200,000 corporate clients were affected.
North Korean Hackers Exploit Cloud Service to Rob Crypto Firms
Background Information
North Korean state-backed hackers have exploited a cloud services provider called JumpCloud in order to steal funds from cryptocurrency companies that use its services. The incident was investigated by cybersecurity firm Crowdstrike, which attributed the attack to a group known as Labyrinth Chollima.
Impact of Attack
JumpCloud has since announced North Korea as the perpetrator of this attack and also disclosed that less than five out of its 200,000 corporate clients were affected. However, it remains unspecified which exact crypto companies were impacted or how much cryptocurrency was stolen in total.
Crowdstrike’s Response
The representative from Crowdstrike did not confirm if any cryptocurrency was stolen but noted that Labyrinth Chollima has previously targeted cryptocurrency companies before.
JumpCloud Update
On July 20th, JumpCloud updated their statement regarding this incident and revealed that only 10 devices out of their 200k client base had been affected by this attack.
Conclusion
This cyberattack serves as an example for all crypto companies of how important security measures are in order to prevent these types of malicious activities from occurring in today’s digital world.