Targeting of IT company as part of a supply-chain attack

Date of report

July 2023

Affiliations

Believed to be the work of the North Korean government

North Korean threat actors targeted the systems of an information technology firm, JumpCloud. After gaining access to JumpCloud’s systems, the operators targeted several JumpCloud customers involved in the cryptocurrency trade.

Suspected victims

JumpCloud and its customers involved in cryptocurrency

Suspected state sponsor

Korea (Democratic People's Republic of)

Type of incident

Financial Theft

Target category

Private sector

Victim government reaction

Unknown

Policy response

Unknown

Suspected state sponsor response

Unknown

JumpCloud Intrusion | Attacker Infrastructure Links Compromise to North Korean APT Activity

Cyber Operations Tracker

CFR.org

Topics

Regions

Explainers

Research & Analysis

Communities

Events