North Korea Hacking Cryptocurrency Sites with 3CX Exploit

Read Time:45 Second

Researchers at Russian cybersecurity firm Kaspersky today revealed that they identified a small number of cryptocurrency-focused firms as at least some of the victims of the 3CX software supply-chain attack that’s unfolded over the past week. Kaspersky declined to name any of those victim companies, but it notes that they’re based in “western Asia.”

Security firms CrowdStrike and SentinelOne last week pinned the operation on North Korean hackers, who compromised 3CX installer software that’s used by 600,000 organizations worldwide, according to the vendor. Despite the potentially massive breadth of that attack, which SentinelOne dubbed “Smooth Operator,” Kaspersky has now found that the hackers combed through the victims infected with its corrupted software to ultimately target fewer than 10 machines—at least as far as Kaspersky could observe so far—and that they seemed to be focusing on cryptocurrency firms with “surgical precision.”

Threat Actors Abuse Trust in Cloud Collaboration Platforms

Malicious npm Packages Deliver Sophisticated Reverse Shells

ETSI Publishes New Quantum-Safe Encryption Standards

AI Data Poisoning

ENISA Probes Space Threat Landscape in New Report

UK Government’s New Fraud Strategy to Focus on Tech-Enabled Threats

New Android Malware Uses .NET MAUI to Evade Detection

Cybercriminals Use Atlantis AIO to Target 140+ Platforms

The AI Fix #43: I, for one, welcome our new robot overlords!