Security News > 2023 > April > That 3CX supply chain attack keeps getting worse: Other vendors hit

That 3CX supply chain attack keeps getting worse: Other vendors hit
2023-04-24 03:27

In Brief We thought it was probably the case when the news came out, but now it's been confirmed: The X Trader supply chain attack behind the 3CX compromise last month wasn't confined to the telco developer.

For those unfamiliar with the incident, 3CX reported a supply chain attack that saw its 3CX DesktopApp compromised with a trojanized version of the X Trader futures trading app published by Trading Technologies.

It's still not immediately clear when or exactly where the supply chain attack started, but Symantec said it appears to be financially motivated and is targeting critical infrastructure targets.

As we noted in previous coverage of the 3CX attack, North Korea wouldn't be a surprise source.

Technical analysis of the malware by both Symantec and Mandiant found traces of VEILEDSIGNAL in the chain of attacks used to compromise installs of 3CX DesktopApp.

Google Chrome received important updates last week, including one that addressed a nasty bug - CVE-2023-2136, which is already under active attack.


News URL

https://go.theregister.com/feed/www.theregister.com/2023/04/24/in_brief_security/

Related news

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2023-04-19 CVE-2023-2136 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-190
critical
 9.6
9.6

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
3CX 6 0 16 8 6 30