Analysis

43. 3CX Supply Chain Attack

p3ngdump 2023. 4. 6. 11:16

https://www.bleepingcomputer.com/news/security/hackers-compromise-3cx-desktop-app-in-a-supply-chain-attack/

 

Hackers compromise 3CX desktop app in a supply chain attack

A digitally signed and trojanized version of the 3CX Voice Over Internet Protocol (VOIP) desktop client is reportedly being used to target the company's customers in an ongoing supply chain attack.

www.bleepingcomputer.com

https://www.3cx.com/blog/news/desktopapp-security-alert/

https://www.malwarebytes.com/blog/news/2023/03/3cx-desktop-app-used-in-a-supply-chain-attack

 

IoC

- 11be1803e2e307b647a8a7e02d128335c448ff741bf06bf52b332e0bbf423b03

- 82a2dafd6ce594f2cf8588f32585c71be2180fc4cf9a144e300b1692f3de5807

- 7986bbaee8940da11ce089383521ab420c443ab7b15ed42aed91fd31ce833896

- 72349cf4971607c1bc66314069f0c864e8aa4336a663f2afbc2cb7e852465430

- 4f5ba87f8539711474e475c4e77c63dbb880d6bf4083b5fe97832fad6255b873

- 6e912515420f0a7f3898995fa252832e9a12fe1bde90deb0ff9ee6612505d206

- 851c2c99ebafd4e5e9e140cfe3f2d03533846ca16f8151ae8ee0e83c692884b7

반응형