lazarus/3CXSupplyChain/README.MD


## 3CX Supply Chain

ESET
https://www.welivesecurity.com/2023/04/20/linux-malware-strengthens-links-lazarus-3cx-supply-chain-attack/

krebsonsecurity
https://krebsonsecurity.com/2023/04/3cx-breach-was-a-double-supply-chain-compromise/

Kaspersky 
https://securelist.com/gopuram-backdoor-deployed-through-3cx-supply-chain-attack/109344/

Volexity
https://www.volexity.com/blog/2023/03/30/3cx-supply-chain-compromise-leads-to-iconic-incident/

CrowdStrike
https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
https://www.reddit.com/r/crowdstrike/comments/125r3uu/20230329_situational_awareness_crowdstrike/

SentinelLabs
https://www.sentinelone.com/blog/smoothoperator-ongoing-campaign-trojanizes-3cx-software-in-software-supply-chain-attack/

Sophos
https://news.sophos.com/en-us/2023/03/29/3cx-dll-sideloading-attack/

Huntress
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats

Elastic Ecurity Labs
https://www.elastic.co/security-labs/elastic-users-protected-from-suddenicon-supply-chain-attack

Reversing Labs
https://www.reversinglabs.com/blog/red-flags-fly-over-supply-chain-compromised-3cx-update

PAN(Palo Alto)
https://unit42.paloaltonetworks.com/3cxdesktopapp-supply-chain-attack/

Trend Micro Research
https://www.trendmicro.com/en_us/research/23/c/information-on-attacks-involving-3cx-desktop-app.html

CheckPoint Research
https://twitter.com/_CPResearch_/status/1641424448740810754

Objective See
https://objective-see.org/blog/blog_0x73.html

Fortinet
https://www.fortinet.com/blog/threat-research/3cx-desktop-app-compromised

Orange Cyberdefense
https://www.orangecyberdefense.com/global/blog/research/3cx-voip-app-supply-chain-compromise

Symantec (Broadcom)
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/3cx-supply-chain-attack

Cyble
https://blog.cyble.com/2023/03/31/a-comprehensive-analysis-of-the-3cx-attack/

Nextron Systems
https://www.nextron-systems.com/2023/03/31/using-thor-lite-to-scan-for-indicators-of-lazarus-activity-related-to-the-3cx-compromise/

Automox
https://www.automox.com/blog/3cx-desktop-app-compromised

Malwarebytes
https://www.malwarebytes.com/blog/news/2023/03/3cx-desktop-app-used-in-a-supply-chain-attack

Rapid7
https://www.rapid7.com/blog/post/2023/03/30/backdoored-3cxdesktopapp-installer-used-in-active-threat-campaign/

Talos (Cisco)
https://blog.talosintelligence.com/3cx-softphone-supply-chain-compromise/

Trustwave
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/trustwave-action-response-supply-chain-attack-using-3cx-pbax-software/

Blackberry
https://blogs.blackberry.com/en/2023/03/initial-implants-and-network-analysis-suggest-the-3cx-supply-chain-operation-goes-back-to-fall-2022
Create README.MD 2023-04-03 15:41:47 +08:00
			`## 3CX Supply Chain`

Update README.MD 2023-04-24 16:52:59 +08:00			`ESET`
			`https://www.welivesecurity.com/2023/04/20/linux-malware-strengthens-links-lazarus-3cx-supply-chain-attack/`

Update README.MD 2023-04-24 18:40:02 +08:00			`krebsonsecurity`
			`https://krebsonsecurity.com/2023/04/3cx-breach-was-a-double-supply-chain-compromise/`

Update README.MD 2023-04-05 17:41:54 +08:00			`Kaspersky`
			`https://securelist.com/gopuram-backdoor-deployed-through-3cx-supply-chain-attack/109344/`

Create README.MD 2023-04-03 15:41:47 +08:00			`Volexity`
			`https://www.volexity.com/blog/2023/03/30/3cx-supply-chain-compromise-leads-to-iconic-incident/`

			`CrowdStrike`
			`https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/`
			`https://www.reddit.com/r/crowdstrike/comments/125r3uu/20230329_situational_awareness_crowdstrike/`

			`SentinelLabs`
			`https://www.sentinelone.com/blog/smoothoperator-ongoing-campaign-trojanizes-3cx-software-in-software-supply-chain-attack/`

			`Sophos`
			`https://news.sophos.com/en-us/2023/03/29/3cx-dll-sideloading-attack/`

			`Huntress`
			`https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats`

			`Elastic Ecurity Labs`
			`https://www.elastic.co/security-labs/elastic-users-protected-from-suddenicon-supply-chain-attack`

			`Reversing Labs`
			`https://www.reversinglabs.com/blog/red-flags-fly-over-supply-chain-compromised-3cx-update`

			`PAN(Palo Alto)`
			`https://unit42.paloaltonetworks.com/3cxdesktopapp-supply-chain-attack/`

			`Trend Micro Research`
			`https://www.trendmicro.com/en_us/research/23/c/information-on-attacks-involving-3cx-desktop-app.html`

			`CheckPoint Research`
			`https://twitter.com/_CPResearch_/status/1641424448740810754`

			`Objective See`
			`https://objective-see.org/blog/blog_0x73.html`

			`Fortinet`
			`https://www.fortinet.com/blog/threat-research/3cx-desktop-app-compromised`

			`Orange Cyberdefense`
			`https://www.orangecyberdefense.com/global/blog/research/3cx-voip-app-supply-chain-compromise`

			`Symantec (Broadcom)`
			`https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/3cx-supply-chain-attack`

			`Cyble`
			`https://blog.cyble.com/2023/03/31/a-comprehensive-analysis-of-the-3cx-attack/`

			`Nextron Systems`
			`https://www.nextron-systems.com/2023/03/31/using-thor-lite-to-scan-for-indicators-of-lazarus-activity-related-to-the-3cx-compromise/`

			`Automox`
			`https://www.automox.com/blog/3cx-desktop-app-compromised`

			`Malwarebytes`
			`https://www.malwarebytes.com/blog/news/2023/03/3cx-desktop-app-used-in-a-supply-chain-attack`

			`Rapid7`
			`https://www.rapid7.com/blog/post/2023/03/30/backdoored-3cxdesktopapp-installer-used-in-active-threat-campaign/`

			`Talos (Cisco)`
			`https://blog.talosintelligence.com/3cx-softphone-supply-chain-compromise/`

			`Trustwave`
			`https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/trustwave-action-response-supply-chain-attack-using-3cx-pbax-software/`

			`Blackberry`
			`https://blogs.blackberry.com/en/2023/03/initial-implants-and-network-analysis-suggest-the-3cx-supply-chain-operation-goes-back-to-fall-2022`