West Houston, TX — July 31, 2025 — Impress IT Solutions, a leading provider of managed IT and cybersecurity services in West Houston, is alerting local businesses to a sophisticated and ongoing cyber campaign carried out by North Korea-linked threat actors. The campaign has already resulted in millions of dollars in cryptocurrency theft and highlights the urgent need for robust cloud and endpoint security measures.
The threat group, tracked under various names including UNC4899, Jade Sleet, and TraderTraitor, has been using fake job offers and cloud platform exploits to trick employees into compromising company infrastructure. Their primary targets? Organizations in the cryptocurrency and blockchain sectors—and any businesses that interact with them.
“This is an important reminder that cybersecurity threats don’t just hit major global players—local companies, contractors, and even freelancers in West Houston are targets too,” says the team at Impress IT Solutions.
How the Attack Works
UNC4899’s tactics revolve around social engineering and cloud infiltration:
- LinkedIn and Telegram messages are used to bait employees with high-paying freelance development jobs.
- Targets are tricked into launching malicious Docker containers or installing compromised npm packages, which execute malware on the victim’s device.
- Once inside, the attackers pivot to the company’s Google Cloud or AWS environment, using tools like GLASSCANNON, PLOTTWIST, and MAZEWIRE to steal credentials and sensitive data.
- In some cases, the attackers disable and then re-enable multi-factor authentication (MFA) to cover their tracks.
- The end goal? Withdraw millions in cryptocurrency by injecting malicious JavaScript into cloud-hosted web assets and manipulating transactions.
Impress IT Solutions notes that while these incidents involved high-profile targets, the tools and methods are increasingly being used against small and mid-sized businesses with less advanced security.
Why This Matters for West Houston Businesses
Impress IT Solutions has seen a sharp increase in phishing and cloud-based threats across a variety of industries—not just crypto. Businesses that rely on cloud platforms like AWS, Microsoft Azure, and Google Cloud are particularly vulnerable, especially if access controls and activity monitoring are not properly configured.
“Your business may not be a crypto exchange,” says Impress IT, “but if you’re using cloud services and your employees are active on platforms like LinkedIn, you’re at risk. These attacks exploit human trust, not just technical vulnerabilities.”
Impress IT’s Defense Strategy
To protect against threats like UNC4899’s malware campaigns, Impress IT Solutions provides West Houston businesses with:
✅ Managed Cloud Security for AWS, Azure, and Google Cloud
✅ Advanced Endpoint Detection & Response (EDR)
✅ Phishing Simulation & Security Awareness Training
✅ Credential Monitoring & MFA Hardening
✅ 24/7 Security Operations Center (SOC) Monitoring
✅ Supply Chain and Open-Source Package Scanning
They also assist clients in deploying zero-trust architectures and secure code practices to prevent compromised packages from making it into production.
What’s Next? Lazarus Group Isn’t Slowing Down
Impress IT also warns of a parallel campaign involving infected npm and PyPI packages—commonly used in web and software development—that are loaded with credential stealers like BeaverTail. These malicious libraries are now being planted in open-source registries, disguised as popular tools, and downloaded by developers across the globe.
“This is no longer just a backroom hacker threat—it’s state-sponsored cyberwarfare with real-world business impacts,” says the Impress IT team.
Protect Your Business Now
Impress IT Solutions encourages all West Houston businesses—especially those in technology, finance, and e-commerce—to schedule a free cybersecurity risk assessment. In today’s threat landscape, proactive protection is the only safe option.
Free For A Limited Time
We Want To Give You A Free Cyber-Security Risk Assessment That Gives You The Answers You Want And The Certainty You Need