Security News > 2023 > April > Critical infrastructure also hit by supply chain attack behind 3CX breach
The X Trader software supply chain attack that led to last month's 3CX breach has also impacted at least several critical infrastructure organizations in the United States and Europe, according to Symantec's Threat Hunter Team.
While the Trading Technologies supply chain compromise is the result of a financially motivated campaign, the breach of multiple critical infrastructure organizations is worrisome, seeing that North Korean-backed hacking groups are also known for cyber espionage.
It's very likely that strategic organizations compromised as part of this supply chain attack will also be singled out for subsequent exploitation.
"The discovery that 3CX was breached by another, earlier supply chain attack made it highly likely that further organizations would be impacted by this campaign, which now transpires to be far more wide-ranging than originally believed," Symantec added.
"The attackers behind these breaches clearly have a successful template for software supply chain attacks and further, similar attacks cannot be ruled out."
On Thursday, Mandiant linked a North Korean threat group it tracks as UNC4736 to the cascading supply chain attack that hit VoIP company 3CX in March.
News URL
Related news
- Ivanti warns of another critical CSA flaw exploited in attacks (source)
- Israel’s Pager Attacks and Supply Chain Vulnerabilities (source)
- Critical Ivanti vTM auth bypass bug now exploited in attacks (source)
- Critical Flaws in Tank Gauge Systems Expose Gas Stations to Remote Attacks (source)
- Researchers Warn of Ongoing Attacks Exploiting Critical Zimbra Postjournal Flaw (source)
- CISA: Network switch RCE flaw impacts critical infrastructure (source)
- Critical Ivanti RCE flaw with public exploit now used in attacks (source)
- Microsoft and DOJ disrupt Russian FSB hackers' attack infrastructure (source)
- CISA says critical Fortinet RCE flaw now exploited in attacks (source)
- Supply Chain Attacks Can Exploit Entry Points in Python, npm, and Open-Source Ecosystems (source)