Supply chain, Critical Infrastructure Security

US, European energy firms, others hit by 3CX-related supply chain attack

Two energy sector entities in the U.S. and Europe, as well as two other financial trading organizations, have been impacted by a software supply chain attack launched by North Korean state-sponsored threat operation Lazarus Group, according to The Record, a news site by cybersecurity firm Recorded Future. The attack, which was initially reported to have affected 3CX, involved the use of a trojanized version of Trading Technologies' X_Trader software. Lazarus Group is believed to have used the trojanized X_Trader software to deploy a supply chain attack on the clients and customers of 3CX, and the emergence of more victims suggests that the intrusion is more wide-ranging than previously thought, noted a report from Symantec, which also regarded the attack as financially motivated. "The attackers behind these breaches clearly have a successful template for software supply chain attacks and further, similar attacks cannot be ruled out," said researchers. Lazarus Group's association with the 3CX supply chain attack has already been confirmed by many cyber intelligence organizations, with ESET most recently noting the link between the command-and-control server leveraged in the 3CX attack and tools from an earlier Lazarus campaign.
