Mar 31, 2023

Supply chain cyberattack with possible links to North Korea could have thousands of victims globally

Posted by in category: cybercrime/malcode

Hackers modified an enterprise communication company’s installation software in an attack that could steal credentials and other information from companies around the world, according to an analysis published Wednesday.

Researchers with cybersecurity firm SentinelOne’s SentinelLabs team traced illicit activity flagged by its detection systems back to the installation software from a company called 3CX, which according to its website provides video conferencing and online communication products to companies such as Toyota, McDonalds, Pepsi and Chevron. In total, the company says it serves some 12 million customers globally.

This sort of large-scale attack that takes advantage of a company’s supply chain — similar to how attackers leveraged a flaw within a SolarWinds product update to install backdoors inside its customers’ networks — can be difficult to defend against and could lead to devastating consequences for victims. It’s also the kind of operation that is typically associated with a nation-state hacking group.

Leave a reply