North Korean hackers, known to be a part of a sub-group called Labyrinth Chollima, attacked US virtual phone service company 3CX last month. Google’s cybersecurity unit Mandiant released the statement, with consulting chief technology officer Charles Carmakal mentioning that the hackers planted the malware inside a separate software package of X Trader, leading to the malicious code being transferred to 3CX through an employee’s personal computer. The attack is higher and more sophisticated than previous schemes that North Korea had used, with Mandiant saying it is the first time they have ever observed a software supply chain attack leading to another software supply chain attack. The attack is also financially motivated and is targeting cryptocurrency, a widely believed funding source for North Korea’s nuclear program.
>>Join our Facebook Group be part of community. <<