A hacking group backed by the North Korean government breached an IT company in the US in a bid to targetcryptocurrency companies, Reuters reported Thursday citing sources.
JumpCloud, which provides identity and access management tools for enterprise devices, blamed the hacking on a“sophisticated nation-state sponsored threat actor" without naming who was behind it.
The hackers infiltratedJumpCloud last month to steal cryptocurrency by accessing the company'ssystems to target its clients, said the sources.
TheNorth Korean cyber spies are now attacking the companies through which they can accessmultiple sources of Bitcoin and other digital currencies.
According to a spokesperson of the IT company, the hack only impacted fewer than five customers.
However, it was confirmed byCybersecurity firm CrowdStrike Holdings that"Labyrinth Chollima" — which is a North Korean hacking group — was behind the attack.
"One of their primary objectives has been generating revenue for the regime," saidAdam Meyers, who is the senior vice president ofCrowdStrike.
Their allegation was also supported by independent research.
This was the latest intrusion by North Korean hackers, showing how they have becomeat “supply chain attacks"or elaborate hacks, cybersecurity researcher Tom Hegel told Reuters.
“North Korea in my opinion is really stepping up their game,” said Hegel.
Labyrinth Chollima is one of the mostprolific hacking groups in North Korea and is said to have breached some of the most daring and disruptive cyber intrusions.
Chainalysis, which is a blockchain analytics firm, said last year that North Korean-linked groups stole about$1.7 billion worth of digital cash with several hacks.