Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home News

N. Korean Hackers Use Supply Chain Attacks

April 21, 2023
Reading Time: 2 mins read
in News

 

Desktop phone developer 3CX’s supply chain attack was the result of a previously unknown attack on a financial trading software maker by North Korean hackers, according to Mandiant’s forensic team.

Chicago-based Trading Technologies’ software, X_Trader, was decommissioned but still available for download, and it was downloaded by a 3CX employee who unwittingly introduced backdoor malware, VeiledSignal, into 3CX’s source code.

The infiltration was likely opportunistic, but the sequence of attacks “shows an increase in cyber offense capability by North Korean threat actors,” said Charles Carmakal, Mandiant’s CTO. The hackers responsible, tracked as UNC4736, are believed to be related to financially motivated Pyongyang hacking activity identified as AppleJeus.

Although 3CX has taken steps to prevent a recurrence, the availability of X_Trader on the Trading Technologies website past its official expiration means other victims are probably compromised. The malware used the Trading Technologies website as command and control.

VeiledSignal contains three components: the main backdoor, an injector module, and a communications model, according to Mandiant. The attack on 3CX is significant because it’s the first time one supply chain attack has led to another, Carmakal said.

North Korea is known for state-sponsored hacking for financial gain. The totalitarian regime has long underwritten criminal activity in a quest for hard currency, which it uses to fund the development of weapons of mass destruction.

The 3CX infiltration is part of a trend where North Korean hackers are increasingly focused on financially motivated attacks, said Ben Read, Mandiant’s director of cyberespionage analysis.

While Trading Technologies has not yet verified Mandiant’s conclusions, it’s noteworthy that the application is no longer available for download, and that this incident is entirely unrelated to its current TT platform.

Reference:
  • Cascading Supply Chain Attack: 3CX Hacked After Employee Downloaded Trojanized App

Tags: 3CXApril 2023Cyber AttacksCyber NewsCyber News 2023GovernmentHackersNorth Korean
ADVERTISEMENT

Related Posts

Lovestruck Airman Leaks Secrets on App

Russian Pro-Player Arrested in Ransomware

July 11, 2025
Lovestruck Airman Leaks Secrets on App

Four Arrested in £440M Cyber Attack

July 11, 2025
Lovestruck Airman Leaks Secrets on App

Lovestruck Airman Leaks Secrets on App

July 11, 2025
US Gov Unprecedented Cut to Cyber Budget

OpenAI Boosts Security Against Chinese IP Theft

July 10, 2025
US Gov Unprecedented Cut to Cyber Budget

US Gov Unprecedented Cut to Cyber Budget

July 10, 2025
US Gov Unprecedented Cut to Cyber Budget

US Sanctions N. Korean Andariel Member

July 10, 2025

Latest Alerts

Fake Sites Push Investment Scams

Fake Firms Push Malware on Crypto Users

Severe WordPress Flaw 200K Sites at Risk

RondoDox Botnet Exploits Router Flaws

ServiceNow Data Exposure via ACLs

Hackers Revive SEO Poisoning

Subscribe to our newsletter

    Latest Incidents

    Microsoft’s Outlook Long Outage

    Avantic Lab Affected By Ransomware

    $40M+ Stolen from GMX Crypto Platform

    Bitcoin Depot Breach Exposes Data

    McDonald’s AI Hiring Bot Exposes Data

    Nippon Steel Solutions Data Breach

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial