3CX: 3CX Desktop App Security Incident Results
3XC, the provider of the popular Phone System VOIP/PBX software, had an issue with a trojanized version of the 3CX desktop app. With 600.000 customers in 190 countries waiting for answers, 3CX employed specialist Mandiant as the investigation team for the forensic analysis. Now the first findings are available that it is probably a North Korean APT group. Based on Mandiant's previous investigation into the 3CX intrusion and supply chain attack, they assign the activity to a cluster called UNC4736. Mandiant believes with a high degree of certainty that UNC4736 has a North Korean connection. Windows-based malware client…