News North Korean hackers execute first-ever ‘cascading’ supply chain attack: ReportResearchers say DPRK threat group piggybacked off compromised trading software to hack 3CX videoconference service North Korean hackers gained access to videoconferencing service 3CX through an online investment platform in the first-ever “cascading” supply chain attack, according to a new cybersecurity report published Thursday. Mandiant Consulting concluded that DPRK attack cluster UNC4376 compromised an installer package for Trading Technologies’ popular X_TRADER software as early as 2022 to initiate a sequence that eventually led to the 3CX intrusion. “Cascading software supply chain compromises demonstrate that North Korean operators can exploit network access in creative ways to develop and distribute malware, and move between target networks while conducting operations aligned with North © Korea Risk Group. All rights reserved. |