Security News > 2023 > July > North Korean hackers targeted tech companies through JumpCloud and GitHub
North Korean state-sponsored hackers have been linked to two recent cyberattack campaigns: one involving a spear-phishing attack on JumpCloud and the other targeting tech employees on GitHub through a social engineering campaign.
"Fewer than 5 JumpCloud customers were impacted and fewer than 10 devices total were impacted, out of more than 200,000 organizations who rely on the JumpCloud platform for a variety of identity, access, security, and management functions,".
Further investigation by JumpCloud and Crowdstrike confirmed that hack was carried out by a North Korean state-sponsored group.
North Korean state-sponsored hackers are well known for their cyber efforts aimed at stealing cryptocurrency to finance the relatively isolated nation-state.
Last year, the US Department of State warned about North Korean hackers taking advantage of the worldwide skill shortage to infiltrate companies by applying for software development and other IT jobs as freelancers.
Once gaining privileged access as contractors, they can enable malicious cyber intrusions by other North Korean threat actors.
News URL
https://www.helpnetsecurity.com/2023/07/21/north-korean-hackers-github/
Related news
- North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks (source)
- Radiant links $50 million crypto heist to North Korean hackers (source)
- North Korean hackers stole $1.3 billion worth of crypto this year (source)
- North Korean Hackers Pull Off $308M Bitcoin Heist from Crypto Firm DMM Bitcoin (source)
- FBI links North Korean hackers to $308 million crypto heist (source)
- North Korean Hackers Deploy OtterCookie Malware in Contagious Interview Campaign (source)