The 3CX Attacks

North Korean hackers used a very large number of fake executive accounts on LinkedIn to get people to open a job offer that contained malware. Mandiant said the attack source was Lazarus which is a North Korean state sponsored attack group because Spursky and Elastic had reached this conclusion earlier. The original attack was back in March when 3CX disclosed that the Windows and Mac OS desktop applications for their product were compromised with malicious code.