Hackers in North Korea have allegedly gained unauthorized access to the U.S. software company JumpCloud and have targeted its crypto clients.
North Korea Again Seeks to Garner Crypto
Hackers from North Korea trying to steal crypto is nothing new. There are many state-based hackers in the Asian country who are working hard to garner illicit funds so North Korea can continue to fund and build its ongoing nuclear program. It’s estimated the nation has stolen billions of dollars in crypto from regions in North America, Asia, and Europe.
One of the biggest crypto hacking organizations in North Korea is Lazarus, an illicit group of cyberthieves that has taken part in some of the largest crypto hacks in history. For example, in 2022, the group set its sights on Axie Infinity, a blockchain gaming firm. Overall, the group made off with more than $600 million in crypto funds.
JumpCloud is a directory platform that lets enterprises authenticate, authorize, and manage both specific devices and those who use them. Apparently, the company noticed a breach that took place in June of this year, which ultimately led executives to reset all customer API keys. They later claimed a nation-state actor was behind the attack.
While JumpCloud did not attribute the hack to any specific group or country, examiners from companies like CrowdStrike and SentinelOne have looked at the matter and believe the Lazarus group could be behind the recent incident. In the past, Lazarus has targeted similar platforms like the Ronin Network and Harmony’s Horizon Bridge. Another analysis firm, Mandiant, also believes North Korea is the most likely culprit.
Following the event, GitHub published a blog post saying this was part of a “low volume” campaign designed to attack both technology firms and their employees, many of whom are likely connected to blockchain, online gambling, or crypto in some way. GitHub also performed its own audit of the event and concluded that North Korea was likely the country that engaged in the attack.
Tom Hegel, a researcher at SentinelOne, commented in a recent interview:
“Based on public details available as of this writing, it’s unclear if the GitHub alert originated from the JumpCloud incident or if they are separate efforts by the same attacker.”
Taking Swift Action
Josie Judy – a spokesperson for JumpCloud – also threw her two cents in and said the company was quick to try and resolve the situation upon realizing what occurred. She said:
“Upon detecting the incident, we immediately took action based on our incident response plan to mitigate the threat, secure our network and perimeter, communicate with our customers, and engage law enforcement.”
Last May, the U.S. announced several new sanctions against North Korea.
The post North Korea Hacks Crypto Software Platform Jump Cloud appeared first on Live Bitcoin News.