Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home News

N. Korean Hackers Use Supply Chain Attacks

April 21, 2023
Reading Time: 2 mins read
in News

 

Desktop phone developer 3CX’s supply chain attack was the result of a previously unknown attack on a financial trading software maker by North Korean hackers, according to Mandiant’s forensic team.

Chicago-based Trading Technologies’ software, X_Trader, was decommissioned but still available for download, and it was downloaded by a 3CX employee who unwittingly introduced backdoor malware, VeiledSignal, into 3CX’s source code.

The infiltration was likely opportunistic, but the sequence of attacks “shows an increase in cyber offense capability by North Korean threat actors,” said Charles Carmakal, Mandiant’s CTO. The hackers responsible, tracked as UNC4736, are believed to be related to financially motivated Pyongyang hacking activity identified as AppleJeus.

Although 3CX has taken steps to prevent a recurrence, the availability of X_Trader on the Trading Technologies website past its official expiration means other victims are probably compromised. The malware used the Trading Technologies website as command and control.

VeiledSignal contains three components: the main backdoor, an injector module, and a communications model, according to Mandiant. The attack on 3CX is significant because it’s the first time one supply chain attack has led to another, Carmakal said.

North Korea is known for state-sponsored hacking for financial gain. The totalitarian regime has long underwritten criminal activity in a quest for hard currency, which it uses to fund the development of weapons of mass destruction.

The 3CX infiltration is part of a trend where North Korean hackers are increasingly focused on financially motivated attacks, said Ben Read, Mandiant’s director of cyberespionage analysis.

While Trading Technologies has not yet verified Mandiant’s conclusions, it’s noteworthy that the application is no longer available for download, and that this incident is entirely unrelated to its current TT platform.

Reference:
  • Cascading Supply Chain Attack: 3CX Hacked After Employee Downloaded Trojanized App

Tags: 3CXApril 2023Cyber AttacksCyber NewsCyber News 2023GovernmentHackersNorth Korean
ADVERTISEMENT

Related Posts

Employees Keep Feeding AI Secrets

Signal Adds Secure Cloud Backups

September 9, 2025
Employees Keep Feeding AI Secrets

Spamgpt AI Tool Powers Phishing Attack

September 9, 2025
Employees Keep Feeding AI Secrets

Employees Keep Feeding AI Secrets

September 9, 2025
Maduro Claims Huawei Phone Cannot Be Hacked

Police Disrupts Streameast Piracy Site

September 9, 2025
Maduro Claims Huawei Phone Cannot Be Hacked

Texas Sues PowerSchool Over Data Breach

September 9, 2025
Maduro Claims Huawei Phone Cannot Be Hacked

Maduro Claims Huawei Phone Cannot Be Hacked

September 9, 2025

Latest Alerts

Windows Defender Flaw Enables Hijack

Npm Packages Compromised In Attack

GPUGate Abuse of Google Ads and GitHub

iCloud Calendar Used For Phishing Emails

Czech Cyber Agency Warns On Chinese Tech

Atomic Stealer Masquerades As Cracked App

Subscribe to our newsletter

    Latest Incidents

    Hackers Steal Secrets In GitHub Attack

    Plex Users Told To Reset Passwords

    Lovesac Confirms Breach After Attack

    Azure Cloud Hit By Red Sea Cable Cuts

    Tenable Confirms Breach Of Customer Data

    US Probes Malicious Email On China Talks

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial