3CX Supply Chain Attack Campaign
Security Boulevard securityboulevard.com
On March 29th, 2023, CrowdStrike published a blog outlining a supply chain attack leveraging 3CXDesktopApp, a softphone application from 3CX. The ThreatLabz Team immediately started hunting for IoCs on the Zscaler Cloud.
We observed infections dating back to February 2023 for both the Windows and macOS variants of the trojanized 3CXDesktopApp installers.
Fig.1 - Infections dating back to February 2023 in Zscaler Cloud
In this case the Threat Actors targeted various industry verticals such as: …