North Korea Hacks Messaging App Used by 12 Million People Daily
Corporate Communication Program '3CX' Hacked
North Korean Hacker Group Identified as Attacker
North Korea is reported to have hacked the enterprise voice and video calling program ‘3CX,’ which is used by 12 million people daily.
On the 1st, the US-based Radio Free Asia (RFA) reported, “After analyzing the hacking method used to attack 3CX, the US cybersecurity firm CrowdStrike identified the attacker as ‘Labyrinth Chollima,’ a hacker group under North Korea’s Reconnaissance General Bureau affiliated with Lazarus.”
The ‘3CX’ homepage lists over 600,000 organizations across 190 countries as clients, including Coca-Cola, McDonald’s, Mercedes-Benz, Toyota, BMW, Honda, Air France, Pizza Hut, the UK National Health Service (NHS), and Holiday Inn Express. The daily user count exceeds 12 million.
US security firm Volexity diagnosed that “the attacker may have accessed 3CX’s servers at least since before November last year.” This means that the installation program for 3CX was already embedded with malware before being provided to customers.
![[Image source=Captured from the '3CX' homepage]](http://www.asiae.co.kr/news/img_view.htm?img=2023040113302274909_1680323423.png)
The malware they used collects system information and steals records, IDs, and passwords stored in web browsers such as Google Chrome. Moreover, it is feared that it could cause significant damage by monitoring corporate communication networks and collecting and retransmitting internal conversations and communications.
Currently, North Korea has about 7,000 cyber agents. These agents are usually selected from elementary and middle schools and trained as cyber agents at universities or operational institutions. After their 20s, they are reportedly dispatched to overseas bases disguised as trading companies to conduct cyberterrorism and confidential information gathering operations.
The United Nations and others report that North Korea earns funds necessary for nuclear and missile development through illegal cyber activities such as hacking and virtual asset theft, while also actively collecting information from governments and companies worldwide.
Hot Picks Today
If They Fail Next Year, Bonus Drops to 97 Million Won... A Closer Look at Samsung Electronics DS Division’s 600M vs 460M vs 160M Performance Bonuses
- Opening a Bank Account in Korea Is Too Difficult..."Over 150,000 Won in Notarization Fees Just for a Child's Account and Debit Card" [Foreigner K-Finance Status]②
- SpaceX Pursues 'Largest Ever' Mega IPO... Profitability of Space Business Still Unclear
- Room Prices Soar from 60,000 to 760,000 Won and Sudden Cancellations: "We Won't Even Buy Water in Busan" — BTS Fans Outraged
- "Who Is Visiting Japan These Days?" The Once-Crowded Tourist Spots Empty Out... What's Happening?
They are known to impersonate reporters from Voice of America (VOA) and KBS to gain online access to major institutions in the US and South Korea. Recently, a North Korean cyber attacker who infiltrated IT companies in the US and Japan as a technician by falsifying nationality was caught through local police investigations.
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
!["Please Help Us": How Much Do Those Bowing 90 Degrees These Days Actually Earn? [Data Pick]](https://cwcontent.asiae.co.kr/asiaresize/307/2026052010120870131_1779239528.png)
