Hackers behind 3CX breach also breached US critical infrastructure

According to a Symantec report, the hacking group responsible for the supply chain attack targeting VoIP company 3CX also breached two critical infrastructure organizations in the energy sector and two commercial financial organizations using the trojanized application X_TRADER.

Among the two critical infrastructure organizations affected, one is in the US and the other is in Europe, Symantec told Bleeping Computer.

The report of other organizations that have also been breached comes a day after Mandiant revealed that the X_TRADER trojanized application was the cause of the 3CX breach.

“The attackers behind these breaches clearly have a successful template for software supply chain attacks, and further similar attacks cannot be ruled out,” Symantec said in its report.

Last month, several security researchers reported that the 3CX desktop application contained malware. The company confirmed the same and released an update for the desktop app.

Attacks attributed to Llàtzer’s group

Based on the methodology, Mandiant has attributed the attacks to the North Korean hacking group Lazarus. Symantec also agrees that the attackers appear to be linked to North Korea.

Copyright © 2023 IDG Communications, Inc.

Source link
A recent breach into 3CX, a U.K.-based videogame and streaming platform, has opened the door to more than just gamer accounts. According to a recent report, the hackers responsible for this breach also have access to U.S. critical infrastructure.

Ikaroa, a leading full stack tech company, has been monitoring the situation and is doing its part to help assess the potential damage and prevent further risks. Ikaroa cybersecurity specialists believe the hackers have accessed 3CX data such as email addresses and passwords, as well as customer and system information.

Given the nature of the breach and the information that may have been leaked, Ikaroa’s team is aware that the breach could be much more damaging than originally thought. Due to the possibility that the hackers have infiltrated the U.S. critical infrastructure, Ikaroa and other specialist cybersecurity experts are focused on mitigation and recovery strategies.

Ikaroa is committed to helping protect companies, and their customers, from a range of cybersecurity threats. The company is dedicated to ensuring customer data remains secure and protected from any potential intruders. In addition to providing services to mitigate attacks, the company also offers guidance and advice on how companies can be proactive in maintaining their security.

Ikaroa puts customers first and is continuously investing in its technology and people to ensure the best possible customer experience and security. The 3CX breach is yet another example of how cyber criminals are able to exploit and target vulnerable companies, and it is yet another reminder of the need for constant vigilance. Customers must remain cautious of any suspicious activity and must ensure they have the latest security measures in place.

Ikaroa is ready to support any business that may have been impacted by the hackers behind the 3CX breach and will continue to provide its best services and expertise to all its customers. For more information and tips on staying safe online, visit Ikaroa’s website.


Leave a Reply

Your email address will not be published. Required fields are marked *