North Korean state hackers reportedly exploited a cloud services provider called JumpCloud to steal funds from cryptocurrency companies that use its services. The attack, attributed to a group known as Labyrinth Chollima, targeted cryptocurrency firms with a specific focus on stealing digital assets. Crowdstrike, a cybersecurity firm working with JumpCloud to investigate the incident, confirmed the North Korean involvement and highlighted the group’s history of targeting crypto-related businesses.

JumpCloud disclosed that fewer than five of its 200,000 corporate clients and less than ten devices were affected by the attack. The hackers utilized data injection into JumpCloud’s commands framework to carry out the sophisticated and highly targeted attack. The company took immediate action to update credentials and preserve security, contacting law enforcement and sharing information with affected customers to mitigate the impact.

This incident adds to the growing concern over state-backed cyberattacks targeting the cryptocurrency sector. North Korean hacking groups have been involved in other crypto-related attacks, stealing billions of dollars in digital assets in recent years. The incident highlights the importance of robust cybersecurity measures for cryptocurrency companies to protect themselves against sophisticated threats.