3CX thought supply chain attack was a false positive
The CEO of VoIP software provider 3CX said his team tested its products in response to recent alerts notifying it of a supply chain attack, but assessed that reports of a malware infestation were a false positive.
Nick Galea told The Register by email that 3CX did not ignore alerts but rather "Chose to double check our desktop app on VirusTotal and since it gave our app the all clear we considered the SentinelOne alert a false positive. It's not unusual for VoIP apps. We checked again a few days later and got the same result."
"We could only realize the extent of the breach after Crowdstrike gave us full details and then we immediately responded to the best of our abilities which by no means was Olympic medal standard," added Galea, who conceded that responding to a supply chain attack is, well, rather hard.
In 3CX's latest update, posted April 1, Galea skated over the response to SentinelOne's reports, claiming 3CX took swift and appropriate action.
The incident is the most prominent supply chain attack since 2020's attack on SolarWinds software, also known as Sunburst, and 2021's Kaseya attack.