3CX warns customers to disable SQL database integrations
VoIP communications company 3CX warned customers today to disable SQL Database integrations because of risks posed by what it describes as a potential vulnerability.
Software Maker 3CX Was Compromised in First-of-its-Kind Threaded Supply-Chain Hack
Hackers first compromised a different software maker and embedded malware in one of its programs. 3CX got compromised when a worker downloaded that program. It's not known why worker downloaded it.
X_Trader Supply Chain Attack Affects Critical Infrastructure Organizations in U.S. and Europe
North Korean-linked operation affected more organizations beyond 3CX, including two critical infrastructure organizations in the energy sector.
3CX Breach Was a Double Supply Chain Compromise
We learned some remarkable new details this week about the recent supply-chain attack on VoIP software provider 3CX, a complex, lengthy intrusion that has the makings of a cyberpunk spy novel: North Korean hackers using legions of fake executive accounts…
Linux malware strengthens links between Lazarus and the 3CX supply‑chain attack
Similarities with newly discovered Linux malware used in Operation DreamJob corroborate the theory that the 3CX attack was carried out by Lazarus.
3CX Software Supply Chain Compromise Initiated by a Prior Software Supply Chain Compromise; Suspected North Korean Actor Responsible
A software supply chain attack led to another software supply chain attack.
Not just an infostealer: Gopuram backdoor deployed through 3CX supply chain attack | Securelist
A DLL named guard64.dll, which was loaded into the infected 3CXDesktopApp.exe process, was used in recent deployments of a backdoor that we dubbed “Gopuram” and had been tracking internally since 2020.
3CX Desktop App Compromised (CVE-2023-29059)
FortiGuard Labs highlights how a digitally signed 3CX desktop app was reportedly used in a supply chain attack against 3CX Voice over Internet Protocol (VoIP) customers. Check back for analysis and coverage updates.
Information on Attacks Involving 3CX Desktop App
In this blog entry, we provide technical details and analysis on the 3CX attacks as they happen. We also discuss available solutions which security teams can maximize for early detection and mitigate the impact of 3CX attacks.
3CX VoIP Software Compromise & Supply Chain Threats
The 3CX VoIP Desktop Application has been compromised to deliver malware via legitimate 3CX updates. Huntress has been investigating this incident and working to validate and assess the current supply chain threat to the security community.
3CX Security Alert for Electron Windows App
A security issue arose on Update 7, version numbers 18.12.407 & 18.12.416 only for our Electron Windows App. Check this post for more info.
Ironing out (the macOS details) of a Smooth Operator
The 3CX supply chain attack, gives us an opportunity to analyze a trojanized macOS application
3CX: Supply Chain Attack Affects Thousands of Users Worldwide
North Korean-sponsored actors believed to be linked to attack that Trojanized several versions of 3CX DesktopApp
CrowdStrike Tracking Active Intrusion Campaign Targeting 3CX Customers
What Happened On March 29, 2023, Falcon OverWatch observed unexpected malicious activity emanating from a legitimate …
Hackers compromise 3CX desktop app in a supply chain attack
A digitally signed and trojanized version of the 3CX Voice Over Internet Protocol (VOIP) desktop client is reportedly being used to target the company's customers in an ongoing supply chain attack.
3CX users under DLL-sideloading attack: What you need to know
A Trojanized version of the popular VOIP/PBX software is in the news; here’s what hunters and defenders are doing IOCs
Not just an infostealer: Gopuram backdoor deployed through 3CX supply chain attack | Securelist
A DLL named guard64.dll, which was loaded into the infected 3CXDesktopApp.exe process, was used in recent deployments of a backdoor that we dubbed “Gopuram” and had been tracking internally since 2020.
3CX Desktop App Compromised (CVE-2023-29059)
FortiGuard Labs highlights how a digitally signed 3CX desktop app was reportedly used in a supply chain attack against 3CX Voice over Internet Protocol (VoIP) customers. Check back for analysis and coverage updates.
Information on Attacks Involving 3CX Desktop App
In this blog entry, we provide technical details and analysis on the 3CX attacks as they happen. We also discuss available solutions which security teams can maximize for early detection and mitigate the impact of 3CX attacks.
3CX VoIP Software Compromise & Supply Chain Threats
The 3CX VoIP Desktop Application has been compromised to deliver malware via legitimate 3CX updates. Huntress has been investigating this incident and working to validate and assess the current supply chain threat to the security community.
3CX Security Alert for Electron Windows App
A security issue arose on Update 7, version numbers 18.12.407 & 18.12.416 only for our Electron Windows App. Check this post for more info.
Ironing out (the macOS details) of a Smooth Operator
The 3CX supply chain attack, gives us an opportunity to analyze a trojanized macOS application
3CX: Supply Chain Attack Affects Thousands of Users Worldwide
North Korean-sponsored actors believed to be linked to attack that Trojanized several versions of 3CX DesktopApp
CrowdStrike Tracking Active Intrusion Campaign Targeting 3CX Customers
What Happened On March 29, 2023, Falcon OverWatch observed unexpected malicious activity emanating from a legitimate …
Hackers compromise 3CX desktop app in a supply chain attack
A digitally signed and trojanized version of the 3CX Voice Over Internet Protocol (VOIP) desktop client is reportedly being used to target the company's customers in an ongoing supply chain attack.
3CX users under DLL-sideloading attack: What you need to know
A Trojanized version of the popular VOIP/PBX software is in the news; here’s what hunters and defenders are doing [IOCs](https://github.com/sophoslabs/IoCs/blob/master/3CX%20IoCs%202023-03.csv)