Hackers behind 3CX breach also breached US critical infrastructure

24 April 2023

The hacking group responsible for the supply-chain attack targeting VoIP company 3CX also breached two critical infrastructure organizations in the energy sector and two financial trading organizations using the trojanized X_TRADER application, according to a report by Symantec. Among the two affected critical infrastructure organizations, one is located in the US while the other is in Europe, Symantec told Bleeping Computer. The report of other organizations also being breached comes a day after Mandiant revealed that trojanized X_TRADER application was the cause of the 3CX breach. “The attackers behind these breaches clearly have a successful template for software supply chain attacks and further similar attacks cannot be ruled out,” Symantec said in its report. Last month, several security researchers reported that the 3CX Desktop App had malware in it.

Read full article on CSO Online

Date:

24 April 2023

Categorie(s):

NEWS

Tag(s):

3CX, Cyber Threats, Hacking, IT, News

Earth Day: The surprising connection of cybersecurity and sustainability30 April 2024
F5 shares fall over 9% on disappointing earnings outlook30 April 2024
AT&T, Verizon, Sprint, T-Mobile US fined $200M for selling off people’s location info29 April 2024
Board’s Pivotal Role in Cybersecurity as CISO-CEO Communication Gaps Continue – BSW #34829 April 2024
Meet Silver SAML: Golden SAML in the Cloud – Eric Woodruff – BSW #34829 April 2024