More evidence links 3CX supply-chain attack to North Korean hacking group

A supply-chain attack on enterprise phone firm 3CX mirrored malware used by North Korea-based hacking group Lazarus, according to cybersecurity firms including SentinelOne, Sophos, and Crowdstrike. The compromised Windows and MacOS desktop apps affected an unknown number of the company’s 600,000 customers, allowing hackers to steal sensitive info from users’ web browsers. Companies listed as 3CX users include Mercedes-Benz, Coca-Cola, American Express, and the UK’s NHS.