JumpCloud

#JumpCloud • 2023-06

🇺🇸 United States

JumpCloud disclosed a targeted compromise of internal infrastructure after a spear-phishing campaign, with anomalous activity in its commands framework affecting a small set of customers and forcing credential rotation, infrastructure rebuilds, and customer admin API key resets. Mandiant attributed related intrusions to UNC4899, a DPRK-nexus actor with cryptocurrency-sector targeting history, and other reporting linked attacker infrastructure, malicious npm packages, and supply-chain targeting patterns to North Korean state-sponsored activity.

Related Actors

Related Reports

2025-07-28
Wiz
#TraderTraitor #JumpCloud #NPM #DMM #Bybit #T1082 #T1041 #T1555 #T1071.001 #T1195.002 #T1059.006 #T1059.007 #T1027 #T1204.002 #T1566.002 #T1566.003 #T1566.001 #T1059 #T1199 #T1105 #T1553.002 #T1552.004 #T1195.001 #T1078 #T1087.004 #T1580 #T1578.005 #T1588.003 #T1550.004 #T1609
2024-09-04
Mandiant
#Trend #RustBucket #JumpCloud
2024-03-07
UN
#Andariel #Kimsuky #Scarcruft #Sanctions #Bluenoroff #Qubit #Eterbase #KuCoin #Coinrail #Indodax #JumpCloud #bZx #Alphapo #CoinsPaid #CoinEx #Poloniex #CyberLink #HECO #HTX #AlgoCapital #OrbitBridge #Terraport #Merlin #Steadefi #Fantom #UnoRe #NexusMutual #CoinTiger #Bondly #DeFiance #MGNR #Fetchai #EasyFi #FinNexus #Cryptopia #BiKi #CoinBene #Gateio #Bancor #Tradeio #CoinSecure #Taylor #Cypherium
2024-01-01
Objective-see
#macOS #SmoothOperator #RustBucket #JokerSpy #JumpCloud #KANDYKORN #ObjCShellz
2023-09-27
Jamf
#macOS #3CXDesktopApp #RustBucket #JokerSpy #JumpCloud
2023-08-07
Coins Paid
#Cryptocurrency #JumpCloud #CoinsPaid
2023-07-27
Reversing Labs
#JumpCloud #NPM
2023-07-24
Mandiant
#JumpCloud #UNC4899
2023-07-20
Sentinel One
#JumpCloud #NPM
2023-07-17
Risky Biz News
#JumpCloud
2023-07-12
Jump Cloud
#JumpCloud
2023-07-12
Jump Cloud
#JumpCloud
« Back