SentinelOne has dubbed the attack “Smooth Operator,” while CrowdStrike suspects the involvement of a North Korean government-state actor known as LABYRINTH CHOLLIMA. CrowdStrike and SentinelOne cybersecurity researchers identified an unusual spike in malicious activity from a single, legitimate binary, 3CX Voice Over Internet Protocol (VOIP) desktop App (3CX Desktop App).
Read full article on HackRead