3CX Software Supply Chain Compromise Initiated by a Prior Software Supply Chain Compromise; Suspected North Korean Actor Responsible

Thread starter [correlate]
Start date Apr 20, 2023

[correlate]

Level 18

Thread author

Verified

Top Poster

Well-known

Apr 20, 2023

#1

Content source: https://www.mandiant.com/resources/blog/3cx-software-supply-chain-compromise

In March 2023, Mandiant Consulting responded to a supply chain compromise that affected 3CX Desktop App software. During this response, Mandiant identified that the initial compromise vector of 3CX’s network was via malicious software downloaded from Trading Technologies website. This is the first time Mandiant has seen a software supply chain attack lead to another software supply chain attack.

https://www.mandiant.com/resources/blog/3cx-software-supply-chain-compromise

Reactions: Andy Ful, Zero Knowledge, vtqhtr413 and 2 others

Trident

Level 34

Verified

Top Poster

Well-known

Apr 20, 2023

#2

It was attributed to the North Korean Lazarus group, yes.

Last edited: Apr 20, 2023

Reactions: a090, [correlate], Zero Knowledge and 2 others

P

plat

Level 29

Top Poster

Apr 20, 2023

#3

Trident said:
It was attributed to the North Korean Lapsu$ group, yes.

not Lazarus?

Reactions: [correlate], vtqhtr413 and Trident

Trident

Level 34

Verified

Top Poster

Well-known

Apr 20, 2023

#4

plat said:
not Lazarus?

It is Lazarus indeed, I corrected the mistake. Thanks.

Reactions: a090, [correlate], vtqhtr413 and 1 other person

You must log in or register to reply here.

Similar threads

Hackers compromise 3CX desktop app in a supply chain attack

Replies: 1

Views: 2,025

News Archive Jun 5, 2023

vtqhtr413

Malware News Diamond Sleet supply chain compromise distributes a modified CyberLink installer

Replies: 0

Views: 1,435

Security News Nov 23, 2023

Gandalf_The_Grey

Security News North Korean hackers linked to defense sector supply-chain attack

Replies: 0

Views: 1,426

Security News Feb 19, 2024

Lymphocyte

Top