Hackers behind 3CX breach also breached US critical infrastructure

The hacking group behind the malware attack on the VoIP company 3CX also compromised two critical infrastructure firms in the energy sector and two financial trading companies using the trojanized X_TRADER application. Symantec’s investigation suggests the attacks are linked to the North Korean group Lazarus and notes a successful pattern of software supply chain strikes. Initial access was supposedly gained through an infected version of the X_TRADER software, which is used for futures trading, installed on a 3CX employee’s personal computer.