Targeting of IT company as part of a supply-chain attack
Date of report
  • July 2023
  • Believed to be the work of the North Korean government
North Korean threat actors targeted the systems of an information technology firm, JumpCloud. After gaining access to JumpCloud’s systems, the operators targeted several JumpCloud customers involved in the cryptocurrency trade.
Suspected victims
  • JumpCloud and its customers involved in cryptocurrency
Suspected state sponsor
  • Korea (Democratic People's Republic of)
Type of incident
  • Financial Theft
Target category
  • Private sector
Victim government reaction
  • Unknown
Policy response
Suspected state sponsor response