https://www.bleepingcomputer.com/ne...ise-3cx-desktop-app-in-a-supply-chain-attack/
This was a fun one to deal with. We had a CrowdStrike alert 12 hours before 3CX came out and acknowledged it.
"The malicious activity includes beaconing to actor-controlled infrastructure, deployment of second-stage payloads, and, in a small number of cases, hands-on-keyboard activity," CrowdStrike's threat intel team said.