A North Korean hacking group, believed to be supported by the government, successfully infiltrated an American IT management firm and leveraged it to launch attacks on cryptocurrency companies, cybersecurity experts revealed on Thursday.
The hackers gained unauthorized access to JumpCloud, based in Louisville, Colorado, in late June and subsequently used the company’s systems as a launching point to target a small number of its clients.
Although JumpCloud did not disclose the identities of the affected customers, cybersecurity firms CrowdStrike Holdings and Mandiant, an Alphabet-owned company, confirmed their assistance in investigating the incident. Both firms identified the hackers as known perpetrators of cryptocurrency theft.
While the specific clients impacted were not named in the report, sources familiar with the matter revealed that they were cryptocurrency-related companies.
The attack highlights the persistent threat posed by state-sponsored hacking groups seeking to exploit weaknesses in the cryptocurrency industry.