Global Supply Chain Cyberattack Targets 3CX VoIP App
TL;DR Summary
Hackers are using a trojanized version of the 3CX Voice Over Internet Protocol (VOIP) desktop client to target the company's customers in a supply chain attack. The attackers are targeting both Windows and macOS users of the compromised 3CX softphone app. The malware is capable of harvesting system info and stealing data and stored credentials from Chrome, Edge, Brave, and Firefox user profiles. The trojanized version of 3CX's desktop client will connect to attacker-controlled domains. Multiple customers have reported that the VoIP client app was marked as malicious by various security software.
- Hackers compromise 3CX desktop app in a supply chain attack BleepingComputer
- SmoothOperator | Ongoing Campaign Trojanizes 3CXDesktopApp in Supply Chain Attack SentinelOne
- CrowdStrike Prevents 3CXDesktopApp Intrusion Campaign CrowdStrike
- 3CX VoIP App Compromised By Supply Chain Attack: Security Researchers CRN
- Supply chain cyberattack with possible links to North Korea could have thousands of victims globally CyberScoop
- View Full Coverage on Google News
Reading Insights
Total Reads
0
Unique Readers
1
Time Saved
4 min
vs 5 min read
Condensed
89%
858 → 92 words
Want the full story? Read the original article
Read on BleepingComputer