Security News > 2023 > March > Do you use comms software from 3CX? What to do next after biz hit in supply chain attack
Two security firms have found what they believe to be a supply chain attack on communications software maker 3CX - and the vendor's boss is advising users to switch to the progressive web app until the 3CX desktop client is updated.
Its customers are said to include the NHS in the UK, American Express, Coca Cola, and MIT. It still sells VoIP systems, and it's exactly those that appear to have fallen victim to a supply chain attack.
3CX CEO Nick Galea confirmed the attack and added some details and recommendations for customers.
"The trojanized 3CXDesktopApp is the first stage in a multi-stage attack chain that pulls ICO files appended with base64 data from Github and ultimately leads to a 3rd stage infostealer DLL still being analyzed as of the time of writing," said SentinelOne.
Supply chain attacks have been a growing threat since 2020's Solar Wind incident.
The 3CX attack is the most prominent since Solar Winds, and the Kaseya crisis that followed.
News URL
Related news
- Supply Chain Attacks Can Exploit Entry Points in Python, npm, and Open-Source Ecosystems (source)
- LottieFiles hit in npm supply chain attack targeting users' crypto (source)
- LottieFiles hacked in supply chain attack to steal users’ crypto (source)
- LottieFiles supply chain attack exposes users to malicious crypto wallet drainer (source)