Top
image credit: Adobe Stock

3CX unified comms users hit by supply chain attacks

March 30, 2023

Category:

Customers of 3CX, a unified communications technology supplier, are being targeted by a North Korea-linked advanced persistent threat (APT) actor in a supply chain attack spreading via a compromised update to one of its products.

The developing incident was initially flagged independently by cyber security firms CrowdStrike and Sophos after being spotted in their telemetry.

CrowdStrike said it had observed “unexpected malicious activity” emanating from a legitimate, signed binary, the 3CXDesktopApp softphone. This activity included beaconing to actor-controlled infrastructure, deployment of second-stage payloads, and in some instances, “hands-on” keyboard activity. It said it had seen this activity on both Windows and macOS systems.

Read More on Computer Weekly