Supply Chain Attack Leads to 3CX Hack and Other Supply Chain Attacks
A supply chain attack on 3CX, a developer of VoIP solutions, was found to be caused by another supply chain compromise. The initial attack targeted Trading Technologies, which automates stock trading, and distributed trojanized versions of its software. 3CX's Phone System is used by over 600,000 companies worldwide, with more than 12 million daily users. The attack on 3CX occurred at the end of March 2023, compromising the 3CXDesktopApp and distributing malware to the company's customers. Mandiant experts, who helped 3CX investigate the incident, discovered that a trojanized X_Trader installer from Trading Technologies was downloaded and installed on a 3CX employee's personal computer, leading to the deployment of a modular VEILEDSIGNAL backdoor. The UNC4736 group, associated with the financially motivated Lazarus hacker group from North Korea, stole corporate credentials from the employee's device and compromised the build environments for Windows and macOS.

Malware: VeiledSignal, VEILEDSIGNAL, Coldcat, TAXHAUL, POOLRAT

[View Article](https://gridinsoft.com/blogs/supply-chain-attack-3cx/)