Tag

North Korean Hackers

All articles tagged with #north korean hackers

technology2 years ago•5 min saved

"Twitter's Rebranding, Hackers Target Call of Duty, and China's Cashless Tourism"

This week in tech news, Twitter rebranded to "X" as it shifts its focus to audio, video, messaging, and payment and banking; hackers infected players of the game Call of Duty with self-spreading malware; foreign visitors to China can now use WeChat Pay and Alipay with their foreign credit cards; Sam Altman's Worldcoin launched its eyeball-scanning project to distinguish humans from AI online; and North Korean hackers exposed themselves through a mistake they made during an intrusion at enterprise software company JumpCloud.

via TechCrunch|

#call-of-duty #china #north-korean-hackers

cybersecurity2 years ago•3 min saved

"Double Supply Chain Attack Behind 3CX Hack"

The recent supply chain attack on 3CX was caused by a previous supply chain compromise at Trading Technologies, where North Korean hackers breached the site to push trojanized software builds. The attackers used harvested credentials to move laterally through 3CX's network, eventually breaching both the Windows and macOS build environments. The malware achieved persistence through DLL side-loading via legitimate Microsoft Windows binaries, which made it harder to detect. The threat group (UNC4736) is related to the financially motivated North Korean Lazarus Group behind Operation AppleJeus.

via BleepingComputer|

#3cx #cybersecurity #malware

cybersecurity2 years ago•4 min saved

Massive supply chain attack targets 3CX users with Trojanized apps.

North Korean hackers have carried out a massive supply chain attack on Windows and macOS users of 3CX, a widely used voice and video calling desktop client, compromising the software build system used to create and distribute Windows and macOS versions of the app. The attackers were able to hide malware inside 3CX apps that were digitally signed using the company’s official signing key. The attack is reminiscent of the SolarWinds supply chain attack detected in December 2020. Any organization that uses 3CX should immediately begin analyzing its network infrastructure to look for signs of compromise.

via Ars Technica|

#3cx #cybersecurity #malware