North Korea hacked into the corporate voice and video call program "1CX," which is used by 200 million people a day, and fears large-scale damage is feared, Radio Free Asia RFA reported today (3st).

According to RFA, CrowdStrike, a U.S. cybersecurity company, analyzed the form of the hacking attack and identified the attacker as "Labyrinth Cheollima," a member of the hacker organization Lazarus under North Korea's General Reconnaissance Bureau.

On the website of '1CX', more than 3,190 organizations in 60 countries around the world, including Mercedes-Benz, Toyota, Coca-Cola, BMW, McDonald's, Air France, Honda, Pizza Hut, the UK National Health Service, and Holiday Inn Express, are listed as customers.

It reportedly has over 1 million daily users.

According to U.S. security companies, the malware they used collects system information and steals records, IDs, and passwords stored in user information of web browsers such as Google Chrome.

It further pointed out that hackers could cause significant damage by spying on companies' communications networks or by collecting and retransmitting conversations and communications within an organization.

U.S. security firm Volexity said that malware had already been injected before 200CX's installer was available to customers, and that attackers may have accessed 3CX's servers at least before last November.

(Photo=11CX homepage capture, Yonhap News)