In Brief
- North Korean hackers, Labyrinth Chollima, allegedly hacked IT company JumpCloud to steal crypto from its clients.
- Security experts note a shift in strategy, as North Korea now targets multiple companies instead of one at a time.
- Investigators suggest that North Korea's recent cyber attacks aim to steal money to fund government initiatives.
The North Korean hacking group Labyrinth Chollima is behind a spate of hacks to steal crypto from the clients of JumpCloud, a US IT company.
The group sent JumpCloud customers an email asking them to change their credentials as part of an “ongoing incident.”
North Korean Hackers Stepping up Their Game
Colorado-based JumpCloud acknowledged the Labyrinth breach last week, tracing it back to June 27. It is working with cybersecurity firm CrowdStrike Holdings to uncover details of the hack.
So far, there have been no confirmations of actual crypto theft.
Security experts say these kinds of attacks targeting multiple companies are a new phenomenon. Previously, hackers from Pyongyang were satisfied targeting one company at a time.
Tom Hegel, a cybersecurity researcher unrelated to the investigation, said of the breach,
“North Korea in my opinion is really stepping up their game.”
On Wednesday, France’s Autorité des marchés financiers (AMF) approved Société Générale’s digital asset provider license. France’s finance watchdog requires digital asset service providers to have insurance for customer deposits or a certain percentage of capital to qualify for a license.
Labyrinth Hack May be Part of Government Plan to Fight Sanctions
Several countries and international bodies have sanctioned North Korea for its nuclear weapons program. Investigators commenting on the recent JumpCloud attack argue that many of the attacks coming from North Korea steal money to fund government initiatives.
Following a temporary respite in nuclear testing brought about by the Clinton Administration’s Agreed Framework, the nation resumed nuclear testing in 2006. After that, international sanctions expanded to include financial assets and bank transactions.
Blockchain security firm Chainalysis confirmed last year that hacking groups linked to Pyongyang stole about $1.7 billion in digital cash in 2022.
While the flow of crypto funds to illicit or risky addresses fell in H1 2023, ransomware and impersonation scams grew.
Disclaimer
In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content.