Source:https:\/\/techcrunch.com\/2023\/04\/11\/3cx-north-korea-cryptocurrency-hack\/<\/a><\/br>
\n3CX blames North Korea for supply chain mass-hack<\/br>
\n2023-04-11 21:44:40<\/br><\/p>\n

\n

\n\t\t\t\n\t\t<\/div>\n<\/p><\/div>\n

\n

Enterprise phone provider 3CX has confirmed that North Korea-backed hackers were behind last month\u2019s supply chain attack<\/a> that appeared to target cryptocurrency companies.<\/p>\n

3CX, which provides online voice, video conferencing and messaging services for businesses, worked with cybersecurity company Mandiant<\/a> to investigate the attack. Hackers compromised the company\u2019s desktop phone software used by hundreds of thousands of organizations to plant information-stealing malware inside their customers\u2019 corporate networks.<\/p>\n

3CX chief information security officer Pierre Jourdan said<\/a> on Tuesday that their investigation confirms that hackers linked to the North Korean regime were behind the attack.<\/p>\n

\u201cBased on the Mandiant investigation into the 3CX intrusion and supply chain attack thus far, they attribute the activity to a cluster named UNC4736,\u201d Jourdan said. \u201cMandiant assesses with high confidence that UNC4736 has a North Korean nexus.\u201d<\/p>\n

Cybersecurity giant CrowdStrike last week linked the 3CX breach to hackers it calls Labyrinth Chollima, a subunit of the notorious Lazarus Group, which is known for stealthy hacks targeting cryptocurrency<\/a> exchanges<\/a> to fund its nuclear weapons program.\u00a0Russia-based Kaspersky Lab also attributed the 3CX breach to North Korea.<\/p>\n

Kaspersky said in its analysis<\/a> of the attack that the hackers were seen deploying a backdoor, which it has named \u201cGopuram,\u201d onto infected systems, noting that the attackers have \u201ca specific interest in cryptocurrency companies.\u201d Kaspersky added that Gopuram was deployed on less than ten machines, indicating<\/span> that the attackers used this backdoor with \u201csurgical precision.\u201d<\/p>\n

In a forum post<\/a> last week, 3CX CEO Nick Galea said that the company is only aware of \u201ca handful of cases\u201d where malware has been triggered. However, the impact of the attack, along with how 3CX was compromised, remains unknown. 3CX claims to have over 600,000 business customers worldwide and more than 12 million active daily users.<\/p>\n<\/p><\/div>\n

<\/br><\/br><\/br><\/p>\n

Science, Tech, Technology<\/br>
\n<\/br>
\nSource:https:\/\/techcrunch.com\/2023\/04\/11\/3cx-north-korea-cryptocurrency-hack\/<\/a><\/br><\/br><\/p>\n","protected":false},"excerpt":{"rendered":"

Source:https:\/\/techcrunch.com\/2023\/04\/11\/3cx-north-korea-cryptocurrency-hack\/ 3CX blames North Korea for supply chain mass-hack 2023-04-11 21:44:40 Enterprise phone provider 3CX has confirmed that North Korea-backed hackers were behind last month\u2019s supply chain attack that appeared to target cryptocurrency companies. 3CX, which provides online voice, video conferencing and messaging services for businesses, worked with cybersecurity company Mandiant to investigate the attack. […]<\/p>\n","protected":false},"author":1,"featured_media":28866,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"nf_dc_page":"","om_disable_all_campaigns":false,"pagelayer_contact_templates":[],"_pagelayer_content":"","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[26,17,8],"tags":[],"class_list":["post-28865","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-science","category-tech","category-technology"],"yoast_head":"\n