North Korean software supply chain attack targets stock investors. North Korean hacking group Thallium has been targeting a private stock investment messenger service in a supply chain attack, as reported this week. North Korean hacking group Thallium has targeted users of a private stock investment messenger service in a software supply chain attack, according to a report published this week. Up until now, the group mainly relied on phishing attacks , such as via Microsoft Office documents, to target its victims.