North Korea Hacking Cryptocurrency Sites with 3CX Exploit

Read Time:45 Second

Researchers at Russian cybersecurity firm Kaspersky today revealed that they identified a small number of cryptocurrency-focused firms as at least some of the victims of the 3CX software supply-chain attack that’s unfolded over the past week. Kaspersky declined to name any of those victim companies, but it notes that they’re based in “western Asia.”

Security firms CrowdStrike and SentinelOne last week pinned the operation on North Korean hackers, who compromised 3CX installer software that’s used by 600,000 organizations worldwide, according to the vendor. Despite the potentially massive breadth of that attack, which SentinelOne dubbed “Smooth Operator,” Kaspersky has now found that the hackers combed through the victims infected with its corrupted software to ultimately target fewer than 10 machines—at least as far as Kaspersky could observe so far—and that they seemed to be focusing on cryptocurrency firms with “surgical precision.”

Royal Mail Investigates Data Breach Affecting Supplier

Gray Bots Surge as Generative AI Scraper Activity Increases

Bybit Heist Fuels Record Crypto-Theft Surge, Says CertiK

Rational Astrologies and Security

North Korea’s Fake IT Worker Scheme Sets Sights on Europe

Steam Surges to Top of Most Spoofed Brands List in Q1

ICO Apologizes After Data Protection Response Snafu

March 2025 Cybersecurity Consulting Updates and Ransomware Activity

WP Ultimate CSV Importer Flaws Expose 20,000 Websites to Attacks