Notably, North Korea-affiliated threat actors are known to “engage in revenue generation for the regime” to fund its military activities, since the country has largely been cut off from the global economy, Meyers said in the previous interview. In a previous interview with CRN, Adam Meyers, head of intelligence at CrowdStrike, said that hackers working on behalf of North Korea “are very capable threat actors.” Revenue Generation?ĬrowdStrike-whose threat hunters were the first to pinpoint the 3CX campaign as a real attack-has attributed the compromise to a North Korea-affiliated group that it calls Labyrinth Chollima. The 3CX attack has drawn comparisons to some of the largest breaches to date such as the SolarWinds and Kaseya attacks. Major customers listed by 3CX include American Express, McDonald’s, Coca-Cola, NHS, MIT, Toyota, BMW and Honda. As it turned out, the increase was directly related to the 3CX supply chain attack,” the researchers wrote in the post, adding that the attacker “specifically targeted cryptocurrency companies.”Īccording to 3CX, its customer base totals more than 600,000 organizations, with sales exclusively through its network of 25,000 partners. “Over the years, we observed few victims compromised with Gopuram, but the number of infections began to increase in March 2023. In a post, the researchers wrote that the attacker has been observed deploying a backdoor, which Kaspersky has named “Gopuram,” onto infected systems belonging to unnamed cryptocurrency companies. The research attempts to answer one of the biggest questions remaining about the supply chain attack against communications app maker 3CX: What was the attacker’s end goal? According to Kaspersky Lab researchers, the attack was about more than just deploying information-stealing malware onto 3CX customer systems, and may have also had immediate financial gain as a motive. The threat actor behind the 3CX supply chain compromise appears to have been targeting cryptocurrency companies with the attack, according to findings from Kaspersky Lab released Monday.
0 kommentar(er)
