Skip to main content

Mandiant bolsters the case that North Korean hackers were behind 3CX supply chain hack

posted onApril 11, 2023
by l33tdawg
SC Magazine
Credit: SC Magazine

Voice-over IP software provider 3CX has confirmed that the recent supply chain attack was tied to North Korea-backed hackers.  

3CX, which says its phone system is used by over 600,000 companies globally, hired Google-owned cybersecurity firm Mandiant to investigate last month’s massive supply chain attack on its Windows and macOS users.  While that investigation remains ongoing, an interim assessment released today bolsters previous assessments that the hackers were North Korean.

“Based on the Mandiant investigation into the 3CX intrusion and supply chain attack thus far, they attribute the activity to a cluster named UNC4736. Mandiant assesses with high confidence that UNC4736 has a North Korean nexus,” Pierre Jourdan, CISO of 3XC, wrote in a blog post on Tuesday.   The term "nexus" is often used by threat intelligence firms to denote that a hacking group or campaign may originate in a particular country or be made up of native speakers, but where there isn't conclusive evidence of state direction.

Source

Tags

Industry News

You May Also Like

Recent News

Friday, November 29th

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th