all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Not just an infostealer: Gopuram backdoor deployed through 3CX supply chain attack

Add to bookmarks
April 3, 2023, 12:15 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

On March 29, Crowdstrike published a report about a supply chain attack conducted via 3CXDesktopApp, a popular VoIP program. Since then, the security community has started analyzing the attack and sharing their findings. The following has been discovered so far:



  • The infection is spread via 3CXDesktopApp MSI installers. An installer for macOS has also been trojanized.

  • The malicious installation package contains an infected dll library that decrypts a shellcode from the d3dcompiler_47.dll library’s overlay and executes it.

  • The decrypted payload …

3cx 3cxdesktopapp attack backdoor community crowdstrike dll findings infection infostealer installation installer library macos malicious march msi overlay package payload popular program report security server sharing shellcode supply supply chain supply chain attack urls voip

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Talos discloses multiple zero-day vulnerabilities, two of which could lead to code execution an hour ago | malware.news
arbitrary code arbitrary code execution cisco cisco talos +19
Big Vulnerabilities in Next-Gen BIG-IP 2 hours ago | malware.news
accounts assets attacker attackers +13
Proactive cybersecurity emphasized by new Vermont CISO 2 hours ago | malware.news
article chief chief information security officer ciso +27
Guilty plea entered by e-BTC operator for money laundering 2 hours ago | malware.news
alexander vinnik article btc btc-e +19
Google unveils new Threat Intelligence platform 2 hours ago | malware.news
article cloud cybersecurity cybersecurity threats +20
Thwarted cyberattack targeted Library of Congress in tandem with October British Library breach 3 hours ago | malware.news
authentication breach british british library +13
Nearly 150K impacted by Kansas court system hack 3 hours ago | malware.news
administration article attack case +18
Economic, societal complexity fuels cybersecurity threats, says ONCD 3 hours ago | malware.news
advancements adversaries article competition +15
CISA extends CIRCIA rule comment period 3 hours ago | malware.news
act agency article circia +27

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Senior PAM Security Engineer

@ Experian | Hyderabad, India
View on infosec-jobs.com

Cybersecurity Analyst II

@ Spry Methods | Washington, DC (Hybrid)
View on infosec-jobs.com

Cyber Security Engineer

@ Expleo | Gothenburg, AC, Sweden
View on infosec-jobs.com

Cybersecurity – Information System Security Manager (ISSM)

@ Boeing | USA - Albuquerque, NM
View on infosec-jobs.com

Senior Security Engineer - Canada

@ DataVisor | Ontario, Canada - Remote
View on infosec-jobs.com

Cybersecurity Architect

@ HARMAN International | JP Tokyo 3-5-7 Ariake Koto-ku
View on infosec-jobs.com
View more jobs