The cryptocurrency industry has rapidly grown into a significant sector with the advancement of digital transformation and technology. However, this rapid growth has made it an attractive target for cyber attackers. Recently, a specific cyber attack targeting cryptocurrency companies has drawn attention, involving a group of hackers supported by the North Korean government.

North Korea-Backed Cyber Attacks:

According to reports by Reuters on July 20, a cyber attack group backed by the North Korean government successfully hacked an American IT management company called JumpCloud and used it as a starting point to target cryptocurrency companies.

JumpCloud, based in Louisville, Colorado, disclosed that the attackers gained unauthorized access to their systems in late June. The attackers then focused their efforts on targeting fewer than five of JumpCloud's customers. While the company did not disclose the identities of the affected customers, cybersecurity firms CrowdStrike Holdings and Mandiant confirmed that these attackers were interested in cryptocurrency theft.

Changing Cyber Attack Strategies:

This incident highlights a shift in the strategies of North Korean cyber spies. They have transitioned from targeting individual digital currency companies to supply chain attack strategies. By targeting a service provider like JumpCloud with multiple customers, the attackers managed to gain access to the information of multiple potential victims downstream. #hackers #JumpCloud

Attacker Groups and Names:

The cyber attacker group behind the attack was identified as "Labyrinth Chollima" by CrowdStrike. However, Mandiant labeled the attackers as the Reconnaissance General Bureau (RGB), which is North Korea's primary foreign intelligence agency. Labyrinth Chollima is known for its bold and disruptive cyber attacks. #cybersecurity

Cryptocurrency Thefts and Financial Losses:

The targeting of cryptocurrency companies resulted in significant financial losses, as reported by the blockchain analytics firm Chainalysis. It is estimated that approximately $1.7 billion worth of digital cash in cryptocurrencies was stolen in multiple hacks.

North Korea's Denial:

North Korea did not respond to requests from its mission to the UN in New York and has consistently denied its role in digital currency thefts. However, international reports and expert analyses confirm North Korea's involvement in cyber attacks. #northkorea #cyberattacks

In Summary:

North Korea-backed cyber attackers continue to draw attention with their changing tactics and bold attacks. The cryptocurrency sector must remain vigilant against constantly evolving threats and strengthen its security measures. Cybersecurity experts express concerns about the increasing prevalence of supply chain attacks and stress the need for the industry to remain alert to such threats. Cryptocurrency companies must take necessary steps to secure customer information and digital assets while continuously updating their security measures.