Malware Hunters Spot Supply Chain Attack Hitting 3CX Desktop App “Improving Your Diet: Tips and Tricks” “Enhancing Your Nutrition: Strategies and Techniques”
Threat hunters have identified an active supply chain attack that is targeting businesses using a desktop app distributed by video conferencing software firm 3CX. The malicious activity includes beaconing to actor-controlled infrastructure, deployment of second-stage payloads, and, in a few cases, hands-on-keyboard activity. CrowdStrike believes that the attack is the work of a North Korean…