{"id":161340,"date":"2023-03-31T10:22:18","date_gmt":"2023-03-31T15:22:18","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2023\/03\/supply-chain-cyberattack-with-possible-links-to-north-korea-could-have-thousands-of-victims-globally"},"modified":"2023-03-31T10:22:18","modified_gmt":"2023-03-31T15:22:18","slug":"supply-chain-cyberattack-with-possible-links-to-north-korea-could-have-thousands-of-victims-globally","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2023\/03\/supply-chain-cyberattack-with-possible-links-to-north-korea-could-have-thousands-of-victims-globally","title":{"rendered":"Supply chain cyberattack with possible links to North Korea could have thousands of victims globally"},"content":{"rendered":"

<\/a><\/p>\n

Hackers modified an enterprise communication company\u2019s installation software in an attack that could steal credentials and other information from companies around the world, according to an analysis published Wednesday.<\/p>\n

Researchers with cybersecurity firm SentinelOne\u2019s SentinelLabs team traced illicit activity<\/a> flagged by its detection systems back to the installation software from a company called 3CX, which according to its website<\/a> provides video conferencing and online communication products to companies such as Toyota, McDonalds, Pepsi and Chevron. In total, the company says it serves some 12 million customers globally.<\/p>\n

This sort of large-scale attack that takes advantage of a company\u2019s supply chain \u2014 similar to how attackers leveraged a flaw within a SolarWinds product<\/a> update to install backdoors inside its customers\u2019 networks \u2014 can be difficult to defend against and could lead to devastating consequences for victims. It\u2019s also the kind of operation that is typically associated with a nation-state hacking group.<\/p>\n","protected":false},"excerpt":{"rendered":"

Hackers modified an enterprise communication company\u2019s installation software in an attack that could steal credentials and other information from companies around the world, according to an analysis published Wednesday. Researchers with cybersecurity firm SentinelOne\u2019s SentinelLabs team traced illicit activity flagged by its detection systems back to the installation software from a company called 3CX, which [\u2026]<\/p>\n","protected":false},"author":396,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[34],"tags":[],"class_list":["post-161340","post","type-post","status-publish","format-standard","hentry","category-cybercrime-malcode"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/161340","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/396"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=161340"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/161340\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=161340"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=161340"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=161340"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}