Cloud IT provider JumpCloud confirmed that North Korean state-backed hackers broke into its systems last month. The hackers targeted JumpCloud in an attempt to reach its cryptocurrency customers.
Security researchers and a Reuters report warned ahead of JumpCloud’s confirmation that North Korea was behind the attack. Tom Hegel, a researcher at SentinelOne, and CrowdStrike, which has been working with JumpCloud, both concluded that a North Korean hacking group was likely behind the intrusion.
Reuters also reported that the North Korean hackers likely targeted JumpCloud as a way of reaching its cryptocurrency customers. This marks a departure from North Korea’s direct attacks on crypto firms toward stealthier, more-advanced supply chain attacks.
Earlier this year, North Korean hackers also targeted video conferencing tool 3CX in a double supply chain attack to get to a handful of cryptocurrency firms.
The sources for this piece include an article in Axios.