Two energy sector entities in the U.S. and Europe, as well as two other financial trading organizations, have been impacted by a software supply chain attack launched by the North Korean state-sponsored threat operation Lazarus Group, according to The Record, a news site by cybersecurity firm Recorded Future. The attack, which was initially reported to have affected 3CX, involved a trojanized version of Trading Technologies' X_Trader software.
Trojanized X_Trader software is believed to have been used by Lazarus Group to launch a supply chain attack on the clients and customers of 3CX, and the emergence of more victims suggests that the intrusion is more wide-ranging than previously thought, noted a report from Symantec, which also regarded the attack as financially motivated.
"The attackers behind these breaches clearly have a successful template for software supply chain attacks and further, similar attacks cannot be ruled out," said researchers.
Lazarus Group's association with the 3CX supply chain attack has already been confirmed by many cyber intelligence organizations, with ESET most recently noting the link between the command-and-control server leveraged in the 3CX attack and tools from an earlier Lazarus campaign.
Okta had 4,961 current and former employees' data, including names, health insurance plan numbers, and Social Security numbers, compromised following a breach at its third-party vendor Rightway Healthcare, reports The Register.