![]() Customers and endpoint detection providers have detected malicious activity stemming from legitimate and signed software from 3CX. Based on data recovered from GitHub, infrastructure used by the Windows variant was activated on Decemand domains and web infrastructure used in the attacks were registered as early as November 2022, according to Volexity. ![]() SentinelOne telemetry now sets the earliest infection attempt as March 8, 2023. When did the 3CX supply chain attack start? We since learned that Electron Mac App version numbers shipped with Update 6, and 18.12.402, 18.12.407 & 18.12.416 in Update 7 have also been affected. CEO Nick Galea said on March 30: “Early this morning we informed our partners and customers that our electron windows app shipped in Update 7, version numbers 18.12.407 & 18.12.416, included a severe security issue. Customers including a raft of blue chips like Avira, Chevron, CocaCola, Ikea, McDonalds, Mercedes Benz, the NHS, Schlumberger and numerous other well known brands. ![]() It claims 12 million users in 190 countries. ( The Stack has structured the below as a Q&A for an easy digest.) What is 3CX?ģCX is a business communications provider that offers internet-based (VoIP) call, video and live chat services. Here is what we know about the 3CX supply chain attack, as of April 3, 2023. You may have seen news about a 3CX supply chain attack and quite a significant amount of early and sometimes confusing noise around what happened.
0 Comments
Leave a Reply. |