STATE ACTOR: North Korean-linked attack on EU & US - Symantec | Iain Fraser Cybersecurity Journalist

24th April 2023

A North Korean-linked operation affected more organizations than 3CX alone, including two critical infrastructure organizations in the energy sector.

The X_Trader software supply chain attack affected more organizations than 3CX. Initial investigation by Symantec’s Threat Hunter Team has, to date, found that among the victims are two critical infrastructure organizations in the energy sector, one in the U.S. and the other in Europe. In addition to this, two other organizations involved in financial trading were also breached.

As reported yesterday by Mandiant, Trojanized X_Trader software was the cause of the 3CX breach, which was uncovered last month. As a result of this breach, 3CX’s software was compromised, with many customers inadvertently downloading malicious versions of the company’s voice and video calling software, DesktopApp. In addition to the wider set of victims, Symantec has also discovered additional indicators of compromise, listed below.

It appears likely that the X_Trader supply chain attack is financially motivated, since Trading Technologies, the developer of X_Trader, facilitates futures trading, including energy futures. Nevertheless, the compromise of critical infrastructure targets is a source of concern. North Korean-sponsored actors are known to engage in both espionage and financially motivated attacks and it cannot be ruled out that strategically important organizations breached during a financial campaign are targeted for further exploitation.

About Symantec/Broadcom

Broadcom Inc. is a global infrastructure technology leader built on 50 years of innovation, collaboration and engineering excellence. With roots based in the rich technical heritage of AT&T/Bell Labs, Lucent and Hewlett-Packard/Agilent, Broadcom focuses on technologies that connect our world. Through the combination of industry leaders Broadcom, LSI, Broadcom Corporation, Brocade, CA Technologies and Symantec, the company has the size, scope and engineering talent to lead the industry into the future.

Image Credit: Shafquat Towheed
