Security News > 2023 > March > Do you use comms software from 3CX? What to do next after biz hit in supply chain attack
Two security firms have found what they believe to be a supply chain attack on communications software maker 3CX - and the vendor's boss is advising users to switch to the progressive web app until the 3CX desktop client is updated.
Its customers are said to include the NHS in the UK, American Express, Coca Cola, and MIT. It still sells VoIP systems, and it's exactly those that appear to have fallen victim to a supply chain attack.
3CX CEO Nick Galea confirmed the attack and added some details and recommendations for customers.
"The trojanized 3CXDesktopApp is the first stage in a multi-stage attack chain that pulls ICO files appended with base64 data from Github and ultimately leads to a 3rd stage infostealer DLL still being analyzed as of the time of writing," said SentinelOne.
Supply chain attacks have been a growing threat since 2020's Solar Wind incident.
The 3CX attack is the most prominent since Solar Winds, and the Kaseya crisis that followed.
News URL
Related news
- North Korea targets crypto developers via NPM supply chain attack (source)
- Bybit Hack Traced to Safe{Wallet} Supply Chain Attack Exploited by North Korean Hackers (source)
- China-Linked Silk Typhoon Expands Cyber Attacks to IT Supply Chains for Initial Access (source)
- GitHub supply chain attack spills secrets from 23,000 projects (source)
- Supply chain attack on popular GitHub Action exposes CI/CD secrets (source)
- Google acquisition target Wiz links fresh supply chain attack to 23K pwned GitHub repos (source)
- GitHub Action hack likely led to another in cascading supply chain attack (source)
- GitHub Action supply chain attack exposed secrets in 218 repos (source)
- Coinbase Initially Targeted in GitHub Actions Supply Chain Attack; 218 Repositories' CI/CD Secrets Exposed (source)
- ⚡ THN Weekly Recap: GitHub Supply Chain Attack, AI Malware, BYOVD Tactics, and More (source)