North Korean Hackers Hack U.S. Cloud Provider to Hunt Crypto Investors
Date: 2023-07-22 Author: Karina Ziganova Categories: CRYPTO PAYMENTS, BUSINESS
The American cloud provider of a single authentication center JumpCloud has become a victim of the hacker group Labyrinth Chollima
The North Korean group Labyrinth Chollima hacked the American cloud authentication platform JumpCloud in June 2023. TechCrunch writes about this, citing data from research firms Crowdstrike and SentinelOne.
Representatives of JumpCloud confirmed the hack, but did not specify who exactly is behind the operation. According to IT experts, the attack was carried out by the hacker group Labyrinth Chollima, supervised by the North Korean regime. Analysts say the pattern of the attack is similar to other operations carried out by Pyongyang's cybercriminals.
TechCrunch estimates that 180,000 organizations use JumpCloud's services. Reuters sources claim that the crypto business is among JumpCloud's customers at risk. The extent of the hacker attack remains unclear, but JumpCloud itself confirmed that because of the attack, the company had to change the API keys of customers.
Earlier, South Korean intelligence said that North Korean cybercriminals were able to clean up the South Korean cryptocurrency market for $700 million in 2022. . According to intelligence, the DPRK stole $ 700 million as a result of two hacker attacks. It is unclear what kind of incidents are involved. At the same time, South Korea believes that the North Korean regime has not yet been able to cash out the stolen cryptocurrency. The intelligence believes that North Korea will continue to make attempts to steal cryptocurrencies. It is reported that the cryptocurrency received from hacks accounts for about 30% of all foreign exchange earnings of the DPRK.
According to estimates by on-chain firm Chainalysis, North Korean attackers stole about $1.7 billion in cryptocurrency in 2022. For comparison, in 2020, North Korea's export revenue amounted to only $142 million.
