Blockchain firm sues JumpCloud over alleged North Korean hacking – BizWest
Ava Labs Inc. has sued JumpCloud Inc., alleging that the Louisville company’s technology “operated as a revolving door for malicious hackers.” Ava Labs Inc., a New York-based cryptocurrency technology startup company, has sued JumpCloud Inc. over alleged North Korean state-sponsored hacking in 2023. The lawsuit alleges that JumpCloud's directory-as-a-service technology platform with identity-authentication capabilities “operated as a revolving door for malicious hackers.” It alleges that this incident resulted in ongoing damages for Ava Labs that could reach several million dollars. JumpCloud blamed the incident on a phishing attack on a JumpCloud employee and identified the hackers as North Korea. Ava claims that its direct recovery efforts after the hack cost at least $637,500 and that Ava has suffered significant damages including loss of goodwill and reputation and lost profits.
Được phát hành : một tháng trước qua Lucas High trong Tech
LOUISVILLE — Ava Labs Inc., a New York-based cryptocurrency technology startup company that developed the Avalanche blockchain platform, has sued JumpCloud Inc., alleging that the Louisville company’s directory-as-a-service technology platform with identity-authentication capabilities “operated as a revolving door for malicious hackers.”
The lawsuit, filed last week in Boulder County District Court, claims that a 2023 hacking incident that JumpCloud blamed on North Korean state-sponsored actors, resulted in ongoing damages for Ava Labs that could total several million dollars.
“To be clear, the infiltration did not occur because JumpCloud’s software failed to prevent a targeted attack on Ava Labs,” Ava’s complaint said. “Ironically, perversely, and in complete contravention of its purpose, JumpCloud’s platform was the very doorway through which the threat actors gained access to Ava Labs’ devices, systems, and private data. …It is as if a home security system, rather than protecting the home, remotely opened up a window through which intruders could enter.”
JumpCloud, a representative of which declined to comment on the Ava lawsuit, said in a 2023 blog post that a “sophisticated nation-state sponsored threat actor … gained unauthorized access to our systems to target a small and specific set of our customers.” The blog post identified the hackers as operating from North Korea.
After the June 2023 hack, allegedly the result of a phishing attack on a JumpCloud employee, JumpCloud “compounded its many security errors and further jeopardized its customers, such as Ava Labs, by circling the wagons, keeping quiet, and shirking any decency and responsibility to aid customers’ containment and remediation efforts,” the lawsuit claimed. “Instead, JumpCloud undertook only those efforts that would not disclose JumpCloud’s security failures to its customers or provide useful and necessary information and assistance while customers such as Ava Labs scrambled to contain the damage and secure their systems and devices.”
Ava estimates that its direct cleap-up efforts after the hack cost at least $637,500. “Further, Ava Labs has suffered consequential damages (which are ongoing) including, but not limited to, the loss of goodwill and reputation and lost profits as a consequence of Ava Labs’ JumpCloud-enabled infiltration, in an amount to be determined at trial but no less than $2 million.”
The lawsuit is Ava Labs Inc. vs. JumpCloud Inc., case number 2024CV30280, filed March 28, 2024 in Boulder County District Court.
Chủ đề: Lawsuits, Korean, Blockchain, Cyber Crime