North Korean hackers execute first-ever ‘cascading’ supply chain attack: Report



News North Korean hackers execute first-ever ‘cascading’ supply chain attack: Report Researchers say DPRK threat group piggybacked off compromised trading software to hack 3CX videoconference service Shreyas Reddy April 21, 2023 SHARE COPY LINK FACEBOOK X LINKEDIN MASTODON An illustration of North Korean hackers North Korean hackers gained access to videoconferencing service 3CX through an online investment platform in the first-ever “cascading” supply chain attack, according to a new cybersecurity report published Thursday. Mandiant Consulting concluded that DPRK attack cluster UNC4376 compromised an installer package for Trading Technologies’ popular X_TRADER software as early as 2022 to initiate a sequence that eventually led to the 3CX intrusion. “Cascading software supply chain compromises demonstrate that North Korean operators can exploit network access in creative ways to develop and distribute malware, and move between target networks while conducting operations aligned with North Read More © Korea Risk Group. All rights reserved. No part of this content may be reproduced, distributed, or used for commercial purposes without prior written permission from Korea Risk Group. LATEST ANALYSIS 01How China could benefit from North Korea’s troop deployment to Ukraine 02New North Korean ICBM delivers big political message, and likely bigger payloads 03How North Korea-Russia ties will challenge next US president, no matter who wins 04What to make of the stunning collapse in value of North Korean won 05What to know about Kim Yong Bok, the man leading North Korean troops in Russia 06If Trump: How erratic leader’s reelection could scramble North Korea policy 07North Korea’s admission of drone incursion exposes glaring gaps in air defenses 08The war in Ukraine is transforming how Europe perceives North Korean threats

News

North Korean hackers execute first-ever ‘cascading’ supply chain attack: Report

Researchers say DPRK threat group piggybacked off compromised trading software to hack 3CX videoconference service

Shreyas Reddy April 21, 2023

North Korean hackers execute first-ever ‘cascading’ supply chain attack: Report

An illustration of North Korean hackers

North Korean hackers gained access to videoconferencing service 3CX through an online investment platform in the first-ever “cascading” supply chain attack, according to a new cybersecurity report published Thursday.

Mandiant Consulting concluded that DPRK attack cluster UNC4376 compromised an installer package for Trading Technologies’ popular X_TRADER software as early as 2022 to initiate a sequence that eventually led to the 3CX intrusion.

“Cascading software supply chain compromises demonstrate that North Korean operators can exploit network access in creative ways to develop and distribute malware, and move between target networks while conducting operations aligned with North

01How China could benefit from North Korea’s troop deployment to Ukraine
02New North Korean ICBM delivers big political message, and likely bigger payloads
03How North Korea-Russia ties will challenge next US president, no matter who wins
04What to make of the stunning collapse in value of North Korean won
05What to know about Kim Yong Bok, the man leading North Korean troops in Russia
06If Trump: How erratic leader’s reelection could scramble North Korea policy
07North Korea’s admission of drone incursion exposes glaring gaps in air defenses
08The war in Ukraine is transforming how Europe perceives North Korean threats

North Korean hackers execute first-ever ‘cascading’ supply chain attack: Report

LATEST ANALYSIS

Similar Articles

About the Author

Shreyas Reddy