Lazarus, a North Korean hacking group, has been found to have breached two critical infrastructure organizations in the power and energy sector and two other businesses involved in financial trading using a trojanized X_TRADER application.
This attack is linked to the one targeting 3CX last month, and the attackers are believed to be motivated by financial gain.
Mandiant’s investigation revealed that a backdoor had been injected into the corrupted X_TRADER app, allowing the adversary to gain access to an employee’s computer and steal credentials.
Symantec has identified the deployment of a modular backdoor that connects to the Trading Technologies website for command-and-control.
This attack is likely to have impacted more organizations than just 3CX.