Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home News

N. Korean Hackers Use Supply Chain Attacks

April 21, 2023
Reading Time: 2 mins read
in News

 

Desktop phone developer 3CX’s supply chain attack was the result of a previously unknown attack on a financial trading software maker by North Korean hackers, according to Mandiant’s forensic team.

Chicago-based Trading Technologies’ software, X_Trader, was decommissioned but still available for download, and it was downloaded by a 3CX employee who unwittingly introduced backdoor malware, VeiledSignal, into 3CX’s source code.

The infiltration was likely opportunistic, but the sequence of attacks “shows an increase in cyber offense capability by North Korean threat actors,” said Charles Carmakal, Mandiant’s CTO. The hackers responsible, tracked as UNC4736, are believed to be related to financially motivated Pyongyang hacking activity identified as AppleJeus.

Although 3CX has taken steps to prevent a recurrence, the availability of X_Trader on the Trading Technologies website past its official expiration means other victims are probably compromised. The malware used the Trading Technologies website as command and control.

VeiledSignal contains three components: the main backdoor, an injector module, and a communications model, according to Mandiant. The attack on 3CX is significant because it’s the first time one supply chain attack has led to another, Carmakal said.

North Korea is known for state-sponsored hacking for financial gain. The totalitarian regime has long underwritten criminal activity in a quest for hard currency, which it uses to fund the development of weapons of mass destruction.

The 3CX infiltration is part of a trend where North Korean hackers are increasingly focused on financially motivated attacks, said Ben Read, Mandiant’s director of cyberespionage analysis.

While Trading Technologies has not yet verified Mandiant’s conclusions, it’s noteworthy that the application is no longer available for download, and that this incident is entirely unrelated to its current TT platform.

Reference:
  • Cascading Supply Chain Attack: 3CX Hacked After Employee Downloaded Trojanized App

Tags: 3CXApril 2023Cyber AttacksCyber NewsCyber News 2023GovernmentHackersNorth Korean
ADVERTISEMENT

Related Posts

Police Dismantle Crypto Fraud Ring

Police Dismantle Crypto Fraud Ring

September 30, 2025
Police Dismantle Crypto Fraud Ring

UK Arrests Suspect In RTX Ransomware

September 30, 2025
Police Dismantle Crypto Fraud Ring

Police Seize 439 Million In Cybercrime

September 30, 2025
UK Police Seize 5.5 Billion In Bitcoin

UK Police Seize 5.5 Billion In Bitcoin

September 30, 2025
UK Police Seize 5.5 Billion In Bitcoin

Interpol Cracks Down On African Scams

September 30, 2025
UK Police Seize 5.5 Billion In Bitcoin

National Cyber Authorities Release OT Guide

September 30, 2025

Latest Alerts

Hackers Target Libraesva Email Flaw

ShadowV2 Botnet Targets Misconfigured AWS

Cisco Warns Of IOS Zero Day Bug

CISA Warns Of Critical Sudo Flaw

Cybercriminals Use Facebook Google Ads

Fake Microsoft Teams Installers Spread

Subscribe to our newsletter

    Latest Incidents

    Ukrainian Hackers Breach Crimean Servers

    Ransomware Gang Claims Maryland Breach

    Arizona School District Data Breach

    Attackers Take Down Asahi Brewer

    Harrods Alerts Customers To Breach

    Hackers Steal Photos From Kido Nursery

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial