In recent news, the cloud-based IT management service JumpCloud publicly shared details gathered from the investigation into an intrusion on their network. Alongside the updated details, the organization shared a list of associated indicators of compromise (IOCs), noting attribution to an unnamed “sophisticated nation-state sponsored threat actor.” Reviewing the newly released indicators of compromise, we associate the cluster of threat activity to a North Korean state sponsored APT.[1] The IO