North Korean hackers targeting phone conferencing software, security firm says



News North Korean hackers targeting phone conferencing software, security firm says Attack grants access to users’ system and browser data and aligns with broader goal of raising money for regime Shreyas Reddy March 31, 2023 SHARE COPY LINK FACEBOOK X LINKEDIN MASTODON Representation of hackers gaining access to a system \| Image: Fort George G. Meade Public Affairs Office Flickr - CC BY 2.0 (March 25, 2018) A U.S. cybersecurity firm has attributed a recent attack on a popular business communications tool to a North Korean hacker network associated with the Lazarus Group. CrowdStrike said it observed malicious activity originating from 3CXDesktopApp, a voice and video conferencing software product developed by virtual phone service company 3CX, in a post on its website Wednesday. This malicious activity reportedly included “beaconing” to infrastructure controlled by the threat actor, deployment of additional payloads, and in some cases, remote activity carried out directly by attackers already inside the target’s operating environment. CrowdStrike Read More © Korea Risk Group. All rights reserved. No part of this content may be reproduced, distributed, or used for commercial purposes without prior written permission from Korea Risk Group. LATEST ANALYSIS 01Trump return rekindles prospects of North Korea talks, but Russia stands in way 02How China could benefit from North Korea’s troop deployment to Ukraine 03New North Korean ICBM delivers big political message, and likely bigger payloads 04How North Korea-Russia ties will challenge next US president, no matter who wins 05What to make of the stunning collapse in value of North Korean won 06What to know about Kim Yong Bok, the man leading North Korean troops in Russia 07If Trump: How erratic leader’s reelection could scramble North Korea policy 08North Korea’s admission of drone incursion exposes glaring gaps in air defenses

News

North Korean hackers targeting phone conferencing software, security firm says

Attack grants access to users’ system and browser data and aligns with broader goal of raising money for regime

Shreyas Reddy March 31, 2023

North Korean hackers targeting phone conferencing software, security firm says

Representation of hackers gaining access to a system | Image: Fort George G. Meade Public Affairs Office Flickr - CC BY 2.0 (March 25, 2018)

A U.S. cybersecurity firm has attributed a recent attack on a popular business communications tool to a North Korean hacker network associated with the Lazarus Group.

CrowdStrike said it observed malicious activity originating from 3CXDesktopApp, a voice and video conferencing software product developed by virtual phone service company 3CX, in a post on its website Wednesday.

This malicious activity reportedly included “beaconing” to infrastructure controlled by the threat actor, deployment of additional payloads, and in some cases, remote activity carried out directly by attackers already inside the target’s operating environment.

CrowdStrike

North Korean hackers targeting phone conferencing software, security firm says

LATEST ANALYSIS

Similar Articles

About the Author

Shreyas Reddy