A recent supply chain attack has put a massive number of Windows and Mac users at risk, as attackers have managed to infiltrate the popular telephone system software 3CX and distribute trojanized versions of the application for both of these platforms. The attackers exploited a vulnerability in the system, inserting malicious payloads into the application that would give them full control of the affected system.
The attack was first discovered by researchers from Check Point, who noticed that malicious files were being delivered to 3CX users as part of the application’s updates. The malicious payloads were essentially trojans, which are malicious files that are difficult to detect, as they masquerade as legitimate applications and can compromise a user’s computer without their knowledge.
Once the trojanized versions of the 3CX software were installed, the attackers would gain remote access to the victim’s computer, granting them access to sensitive information stored on the computer. This could include anything from personal data to financial details, and the attacker could then use this information to access online services or steal money from the user.
The attack appears to have been carried out by a cybercrime group known as ‘Vahaviy’, who have been linked to similar attacks in the past. The attack on 3CX is thought to have been part of a larger campaign targeting several other businesses in the same industry.
Fortunately, the 3CX team acted quickly and released a security update to fix the vulnerability in their software, preventing the attackers from using the trojanized versions of the software. Users are advised to update their 3CX software as soon as possible to protect themselves from the attack.
This supply chain attack highlights the importance of security measures that protect users of software products. Businesses need to ensure that their software is secure and regularly updated to protect their customers from these types of attacks, which are often difficult to detect until it is too late. Consumers should also keep their software up to date to avoid becoming victims of such attacks.