
North Korean Hackers Target US IT Firm, Steal Crypto Cash

Updated: Jan 8

Sophisticated North Korean cyber spies exploit an IT company to access cryptocurrency businesses and steal digital currencies, raising concerns about supply chain attacks.


A North Korean government-backed hacking group infiltrated an American IT management company, JumpCloud, in late June and subsequently targeted its cryptocurrency clients to steal digital cash.

This highlights North Korean cyber spies' shift towards attacking multiple cryptocurrency companies simultaneously to acquire bitcoin and other digital currencies.

JumpCloud confirmed the hack but did not reveal the hackers' identity or the affected clients. Cybersecurity firm CrowdStrike Holdings confirmed that North Korean hackers, known as "Labyrinth Chollima," were responsible for the breach. The hackers have a history of targeting cryptocurrency companies to generate revenue for the regime.

Although fewer than five customers were impacted, the amount of digital currency stolen remains unclear. Pyongyang's mission to the United Nations did not respond to requests for comment, while North Korea has previously denied organising digital currency heists, despite evidence suggesting otherwise.

Independent research supported CrowdStrike's allegation, with cybersecurity researcher Tom Hegel highlighting how North Korea has become adept at supply chain attacks, compromising software or service providers to steal data or money from users downstream.

JumpCloud's blog post revealed that the intrusion occurred on June 27, with digital indicators linking the hackers to North Korean activity. The U.S. cyber watchdog agency CISA and the FBI did not provide comments.

Labyrinth Chollima, one of North Korea’s most prolific hacking groups, has been responsible for daring and disruptive cyber intrusions, resulting in significant cryptocurrency losses. CrowdStrike's Adam Meyers warned of the possibility of more North Korean supply chain attacks in the future.

  • North Korean hackers infiltrate US IT firm, targeting crypto clients for cash heist.

  • JumpCloud confirms hack, suspects "Labyrinth Chollima" as responsible.

  • Cybersecurity expert warns of more North Korean supply chain attacks.


