Tag

Labyrinth Chollima

All articles tagged with #labyrinth chollima

cyber-threat-supply-chain-attack | 2 years ago

"Massive Supply Chain Attack Targets 3CX Users with Trojanized Apps"

Enterprise communications software maker 3CX has confirmed that multiple versions of its desktop app for Windows and macOS are affected by a supply chain attack. The attack leveraged a technique called DLL side-loading to load a rogue library referred to as "ffmpeg.dll" that's designed to read encrypted shellcode from another DLL called "d3dcompiler_47.dll." Cybersecurity firm CrowdStrike has attributed the attack with high confidence to Labyrinth Chollima, a North Korea-aligned state-sponsored actor.

cybersecurity | 2 years ago

Millions at Risk: 3CX Desktop App Compromised in Supply Chain Attack

Cybersecurity vendors have warned of an active supply chain attack that is using digitally signed and rigged installers of the popular voice and video conferencing software, 3CX Desktop App, to target downstream customers. The attack, dubbed SmoothOperator, is the first stage in a multi-stage attack chain that pulls ICO files appended with Base64 data from GitHub and ultimately leads to a third-stage infostealer DLL. The attack may have commenced around March 22, 2023. 3CX is working on a software update for its desktop app and is urging its customers to uninstall the app and install it again or use the PWA client as a workaround. The attack has been attributed with high confidence to a North Korean nation-state actor, Labyrinth Chollima.