3CX VOIP Compromised & Supply Chain Threat

Published 2023-03-30
Track down any information leaks or cyber threat intelligence with Flare Systems, try a free trial and uncover your exposed attack surface! j-h.io/flare-systems

Resources & References surrounding the 3CX exploitation:

CrowdStrike’s original Reddit reporting
www.reddit.com/r/crowdstrike/comments/125r3uu/2023…
CrowdStrike’s formal blog post
www.crowdstrike.com/blog/crowdstrike-detects-and-p…
Todyl’s reporting
www.todyl.com/blog/post/threat-advisory-3cx-softph…
SentinelOne’s reporting
s1.ai/smoothoperator
Discussion on the 3CX forum and public bulletin board
www.3cx.com/community/threads/threat-alerts-from-s…
www.3cx.com/community/threads/3cx-desktop-app-vuln…
www.3cx.com/community/threads/crowdstrike-endpoint…
3CX CEO first official notification
www.3cx.com/community/threads/3cx-desktopapp-secur…
Nextron Systems’ Sigma and YARA rules for detection
github.com/Neo23x0/signature-base/blob/master/yara…
Unofficial OTX AlienVault Pulse
otx.alienvault.com/pulse/64249206b02aa3531a78d020
Kevin Beaumont’s commentary
cyberplace.social/@GossiTheDog/110108640236492867
Patrick Wardle’s commentary on the Mac variant
twitter.com/patrickwardle/status/16412942478770216…
objective-see.org/blog/blog_0x73.html
Huntress blog
www.huntress.com/blog/3cx-voip-software-compromise…