Massive supply chain attack targets 3CX phone system users.
TL;DR Summary
Security researchers have discovered a supply chain attack targeting downstream customers of 3CX's voice and video-calling client, which is used by over 600,000 organizations worldwide. The trojanized version of the software is capable of stealing data and stored credentials from Google Chrome, Microsoft Edge, Brave, and Firefox user profiles. The attack appears to be a targeted Advanced Persistent Threat, possibly state-sponsored, and North Korean threat actor Labyrinth Chollima is suspected to be behind it. 3CX is urging its customers to uninstall the app and install it again or use its PWA client as a workaround.
Topics:business#3cx#advanced-persistent-threat#cybersecurity#infostealer-malware#supply-chain-attack#trojanized-software
- There’s a new supply chain attack targeting customers of a phone system with 12 million users TechCrunch
- Trojanized Windows and Mac apps rain down on 3CX users in massive supply chain attack Ars Technica
- Hackers compromise 3CX desktop app in a supply chain attack BleepingComputer
- SmoothOperator | Ongoing Campaign Trojanizes 3CXDesktopApp in Supply Chain Attack SentinelOne
- CrowdStrike Prevents 3CXDesktopApp Intrusion Campaign CrowdStrike
Reading Insights
Total Reads
0
Unique Readers
1
Time Saved
2 min
vs 3 min read
Condensed
77%
416 → 95 words
Want the full story? Read the original article
Read on TechCrunch