Researchers from multiple security companies have reported that a massive supply chain attack on users of 3CX, a widely utilized voice and video calling desktop client, was carried out by computer hackers working on behalf of the government of North Korea. The attack targeted users of the Windows and macOS operating systems. 3CX users may make calls, examine the status of colleagues, chat, plan a video conference, and check voicemails all from the desktop program by using the 3CXDesktopApp, which is accessible for Windows, macOS, Linux, and mobile devices.
The attack resulted in the compromising of the software build system that was used to generate and distribute versions of the app for Windows and macOS. The app delivers VoIP and PBX services to “over 600,000 clients,” some of which include American Express, Mercedes-Benz, and Price Waterhouse Cooper. Since the attackers controlled the software development system, they were able to insert malware into 3CX applications, even though those applications had been digitally signed using the official signing key for the firm.
This is a traditional kind of attack on supply chains, and its purpose is to take advantage of the trust connections that exist between an organization and third parties.
Comments are closed.