
North Korea Hacks Crypto Software Platform JumpCloud


Hackers in North Korea have allegedly gained illicit access to the U.S. software company JumpCloud and have targeted crypto clients.

North Korea Again Seeks to Garner Crypto

Hackers from North Korea trying to steal crypto is nothing new. There are many state-based hackers in the Asian country who are working hard to garner illicit funds so North Korea can continue to fund and build its ongoing nuclear program. It’s estimated the nation has stolen billions of dollars in crypto from regions in North America, Asia, and Europe.

One of the biggest crypto hacking organizations in North Korea is Lazarus, an illicit group of cyberthieves that have taken part in some of the largest crypto hacks in history. For example, in 2022, the group set its sights on Axie Infinity, a blockchain gaming firm. Overall, the group made off with more than $600 million in crypto funds.

JumpCloud is a directory platform that lets enterprises authenticate, authorize, and manage both specific devices and those who use them. Apparently, the company noticed a breach that took place in June of this year, which ultimately led executives to reset all customer API keys. They later claimed a nation-state actor was behind the attack.

While JumpCloud did not attribute the hack to any specific group or country, examiners from companies like CrowdStrike and SentinelOne have looked at the matter and believe the Lazarus group could be behind the recent incident. In the past, Lazarus has targeted similar platforms like the Ronin Network and Harmony’s Horizon Bridge. Another analysis firm, Mandiant, also believes North Korea is the most likely culprit.

Following the event, GitHub published a blog post saying this was part of a “low volume” campaign designed to attack both technology firms and their employees, many of whom are likely connected to blockchain, online gambling, or crypto in some way. GitHub also performed its own audit of the event and concluded that North Korea was likely the country that engaged in the attack.

Tom Hegel, a researcher at SentinelOne, commented in a recent interview:

Based on public details available as of this writing, it’s unclear if the GitHub alert originated from the JumpCloud incident or if they are separate efforts by the same attacker.

Taking Swift Action

Josie Judy – a spokesperson for JumpCloud – also threw her two cents in and said the company was quick to try and resolve the situation upon realizing what occurred. She said:

Upon detecting the incident, we immediately took action based on our incident response plan to mitigate the threat, secure our network and perimeter, communicate with our customers, and engage law enforcement.

Last May, the U.S. announced several new sanctions against North Korea.

Nick Marinoff
Nick Marinoff is currently a lead news writer and editor for Money & Tech, a San Francisco-based broadcasting station that reports on all things digital currency-related. He has also written for a number of other online and print publications including Black Impact Magazine, EKT Interactive, Seal Beach USA and, to name a few. He has recently published his first e-book "Take a 'Loan' Off Your Shoulders: 14 Simple Tricks for Graduating Debt Free" now available on Amazon. He is excited about the potential digital currency offers, particularly its ability to finance unbanked populations and bring nations together financially.

