![]() ![]() Join our webinar and learn how to stop ransomware attacks in their tracks with real-time MFA and service account protection. Learn to Stop Ransomware with Real-Time Protection There are indications that the attack may have commenced around March 22, 2023.ģCX, the company behind 3CXDesktopApp, claims to have more than 600,000 customers and 12 million users in 190 countries, some of which include well-known names like American Express, BMW, Honda, Ikea, Pepsi, and Toyota, among others. The cybersecurity firm is tracking the activity under the name SmoothOperator, stating the threat actor registered a massive attack infrastructure as far back as February 2022. "The trojanized 3CX desktop app is the first stage in a multi-stage attack chain that pulls ICO files appended with Base64 data from GitHub and ultimately leads to a third-stage infostealer DLL," SentinelOne researchers said. 3CX said it's working on a software update for its desktop app after multiple cybersecurity vendors sounded the alarm on what appears to be an active supply chain attack that's using digitally signed and rigged installers of the popular voice and video conferencing software to target downstream customers.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |