North Korean threat actors have demonstrated a new level of sophistication in a supply chain attack targeting 3CX.
The attack began with a malicious version of a fintech company’s discontinued software, which was downloaded by a 3CX employee and used to steal their credentials.
The threat actor then used open-source tools and malware to extract and execute a backdoor, enabling them to gain access to the company’s environment and deploy malicious payloads.
Mandiant attributes the attack to a threat cluster it tracks as UNC4736, which is likely connected to the Lazarus Group’s Operation Dream Job and Operation AppleJeus campaigns.
3CX is taking steps to harden its systems and minimize the risk of future attacks.