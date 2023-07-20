A group of hackers backed by the North Korean regime broke into an American IT management company in order to steal cryptocurrencies from various digital wallets through it. The information about the incident was revealed on Thursday (20), by the news agency Reuters.

According to the information, the invasion took place at the end of June in the systems of the American company JumpCloud, which has its headquarters in the city of Louisville, in the state of Colorado. The North Korean hackers used the tech company’s systems to reach its customers who hold cryptocurrency wallets, their ultimate goal being to steal the amounts available in those wallets, the sources claimed.

The invasion reveals a new modus operandi of Kim Jong-un regime hackers. Before, the attackers sought one by one the companies responsible for cryptocurrency digital wallets, now they attack companies that take care of the security of these digital wallets.

IT companies are usually hired by several institutions and store a lot of data in a group, which makes them an extremely attractive target for North Koreans, as they can give access to many sources of bitcoin and other digital currencies.

According to Reuters, JumpCloud did not want to directly blame the North Koreans for the attack. The company only cited in a statement, in which it acknowledged having been the target of an invasion, that a “sophisticated threat agent sponsored by a nation-state” was responsible for the improper access.

But unlike JumpCloud, CrowdStrike, which is assisting the Louisville tech company with its investigation into the breach, confirmed that a squadron of North Korean hackers known as Labyrinth Chollima was behind the breach.

Adam Meyers, senior vice president of intelligence at CrowdStrike, told Reuters that the hackers responsible for the attack have a history of thefts against digital cryptocurrency wallets.

“One of its main objectives has been to generate revenue for the regime [da Coreia do Norte]”, assured Adam.

Meyers also said that Pyongyang’s hacking squads should not be underestimated.

“I don’t think this is the last time we will see North Korean attacks on the supply chain this year,” he said.

JumpCloud has not confirmed whether the hackers managed to steal the digital wallets for which the company is responsible for security.

In recent years, North Koreans have carried out several raids on cryptocurrency wallets with the aim of stealing them. In 2022 alone, they managed to steal over $1.7 billion in digital currencies.

Cryptocurrency invasions and thefts may currently be one of the main sources of revenue for the Kim Jong-un regime, experts claim that the dictatorship may have about 7,000 North Koreans working directly to steal digital wallets around the world.