Hacked videoconferencing firm 3CX says North Korea behind massive intrusion



News Hacked videoconferencing firm 3CX says North Korea behind massive intrusion Company cites researchers’ ‘high confidence’ that DPRK target MacOS and Windows with malware and took control of devices Nils Weisensee April 12, 2023 SHARE COPY LINK FACEBOOK X LINKEDIN MASTODON An illustration of North Korean hackers in Pyongyang North Korea was very likely behind the massive breach of virtual phone service company 3CX, the company has confirmed. In a report released Tuesday, the company’s chief information security officer Pierre Jourdan stated that cybersecurity firm Mandiant, which had been tasked with investigating the intrusion, assessed with “high confidence” that the so-called supply chain attack was linked to the DPRK. The attackers infected the company’s systems with a piece of malware named TAXHAUL, which installs a component referred to as COLDCAT used to download additional malware on systems running Microsoft Windows, according to Read More © Korea Risk Group. All rights reserved. No part of this content may be reproduced, distributed, or used for commercial purposes without prior written permission from Korea Risk Group. LATEST ANALYSIS 01Trump return rekindles prospects of North Korea talks, but Russia stands in way 02How China could benefit from North Korea’s troop deployment to Ukraine 03New North Korean ICBM delivers big political message, and likely bigger payloads 04How North Korea-Russia ties will challenge next US president, no matter who wins 05What to make of the stunning collapse in value of North Korean won 06What to know about Kim Yong Bok, the man leading North Korean troops in Russia 07If Trump: How erratic leader’s reelection could scramble North Korea policy 08North Korea’s admission of drone incursion exposes glaring gaps in air defenses 09The war in Ukraine is transforming how Europe perceives North Korean threats 10What North Korea stands to gain by sending troops to fight in Ukraine

News

Hacked videoconferencing firm 3CX says North Korea behind massive intrusion

Company cites researchers’ ‘high confidence’ that DPRK target MacOS and Windows with malware and took control of devices

Nils Weisensee April 12, 2023

Hacked videoconferencing firm 3CX says North Korea behind massive intrusion

An illustration of North Korean hackers in Pyongyang

North Korea was very likely behind the massive breach of virtual phone service company 3CX, the company has confirmed.

In a report released Tuesday, the company’s chief information security officer Pierre Jourdan stated that cybersecurity firm Mandiant, which had been tasked with investigating the intrusion, assessed with “high confidence” that the so-called supply chain attack was linked to the DPRK.

The attackers infected the company’s systems with a piece of malware named TAXHAUL, which installs a component referred to as COLDCAT used to download additional malware on systems running Microsoft Windows, according to

01Trump return rekindles prospects of North Korea talks, but Russia stands in way
02How China could benefit from North Korea’s troop deployment to Ukraine
03New North Korean ICBM delivers big political message, and likely bigger payloads
04How North Korea-Russia ties will challenge next US president, no matter who wins
05What to make of the stunning collapse in value of North Korean won
06What to know about Kim Yong Bok, the man leading North Korean troops in Russia
07If Trump: How erratic leader’s reelection could scramble North Korea policy
08North Korea’s admission of drone incursion exposes glaring gaps in air defenses
09The war in Ukraine is transforming how Europe perceives North Korean threats
10What North Korea stands to gain by sending troops to fight in Ukraine

Hacked videoconferencing firm 3CX says North Korea behind massive intrusion

LATEST ANALYSIS

Similar Articles

About the Author

Nils Weisensee