Security News > 2023 > April > 3CX thought supply chain attack was a false positive

The CEO of VoIP software provider 3CX said his team tested its products in response to recent alerts notifying it of a supply chain attack, but assessed reports of a malware infestation were a false positive.
Nick Galea told The Register by email that 3CX did not ignore alerts but rather "chose to double check our desktop app on VirusTotal and since it gave our app the all clear we considered the SentinelOne alert a false positive. It's not unusual for VoIP apps. We checked again a few days later and got the same result."
"We could only realize the extent of the breach after CrowdStrike gave us full details and then we immediately responded to the best of our abilities which by no means was Olympic medal standard," added Galea, who conceded that responding to a supply chain attack is, well, rather hard.
In 3CX's latest update, posted April 1, Galea skated over the response to SentinelOne's reports, claiming 3CX took swift and appropriate action.
The incident is the most prominent supply chain attack since 2020's attack on SolarWinds software, also known as Sunburst, and 2021's Kaseya attack.