Security News > 2023 > July > North Korean hackers targeted tech companies through JumpCloud and GitHub

North Korean hackers targeted tech companies through JumpCloud and GitHub
2023-07-21 12:48

North Korean state-sponsored hackers have been linked to two recent cyberattack campaigns: one involving a spear-phishing attack on JumpCloud and the other targeting tech employees on GitHub through a social engineering campaign.

"Fewer than 5 JumpCloud customers were impacted and fewer than 10 devices total were impacted, out of more than 200,000 organizations who rely on the JumpCloud platform for a variety of identity, access, security, and management functions,".

Further investigation by JumpCloud and Crowdstrike confirmed that hack was carried out by a North Korean state-sponsored group.

North Korean state-sponsored hackers are well known for their cyber efforts aimed at stealing cryptocurrency to finance the relatively isolated nation-state.

Last year, the US Department of State warned about North Korean hackers taking advantage of the worldwide skill shortage to infiltrate companies by applying for software development and other IT jobs as freelancers.

Once gaining privileged access as contractors, they can enable malicious cyber intrusions by other North Korean threat actors.


News URL

https://www.helpnetsecurity.com/2023/07/21/north-korean-hackers-github/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Github 12 3 42 30 15 90