.png)
There is a shred of growing evidence that North Korean actors were responsible for the 3CX software supply chain hack, as found by ESET researchers. The newly discovered piece of malware extends the evidence that a North Korean group hacked the supply chain.
In analyzing the backdoor, researchers from cybersecurity firm Eset found that it was tied to Pyongyang’s latest fake job recruitment campaign, Operation Dream Job. This campaign recruits people for Pyongyang jobs. The Eset report indicates that North Korean hackers produce and use malware that works on all major desktop operating systems, including Windows, MacOS, and Linux.
There is no connection between Linux malware and the 3CX supply-chain attack disclosed in late March by Lazarus Group. However, ESET researchers said they were confident that the 3CX attack was conducted by this company. This is even though it does not seem related to the Linux malware. As the name suggests, this is less a distinct organization than it is an umbrella term for a variety of North Korean hacking groups, some state-sponsored, and some criminal, that work for the Hermit Kingdom, and that are based in the country.
A Trojan attack on 3CX’s source code by North Korean hackers was publicly reported in late March, revealing their source code was stolen. A research team
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: