3CX Supply Chain Attack ‘SmoothOperator’
Tags
| attack-pattern: | Direct Dll Side-Loading - T1574.002 Domains - T1583.001 Domains - T1584.001 Software - T1592.002 Dll Side-Loading - T1073 |
Common Information
| Type | Value |
|---|---|
| UUID | be6a99c6-bb9c-416a-ac0d-465e0e6e6a89 |
| Fingerprint | f48d169f022f0559 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | March 30, 2023, 11:24 a.m. |
| Added to db | Nov. 6, 2023, 6:31 p.m. |
| Last updated | Nov. 17, 2024, 7:44 p.m. |
| Headline | 3CX Supply Chain Attack ‘SmoothOperator’ |
| Title | 3CX Supply Chain Attack ‘SmoothOperator’ |
| Detected Hints/Tags/Attributes | 40/1/20 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 205 | ✔ | Kudelski Security Research | https://research.kudelskisecurity.com/feed/ | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 4127 | github.com |
|
| Details | Domain | 291 | raw.githubusercontent.com |
|
| Details | Domain | 20 | www.3cx.com |
|
| Details | Domain | 110 | www.reddit.com |
|
| Details | Domain | 71 | news.sophos.com |
|
| Details | Domain | 280 | thehackernews.com |
|
| Details | Domain | 469 | www.cisa.gov |
|
| Details | Domain | 36 | www.volexity.com |
|
| Details | File | 38 | 3cxdesktopapp.exe |
|
| Details | File | 50 | d3dcompiler_47.dll |
|
| Details | File | 62 | ffmpeg.dll |
|
| Details | File | 1 | 3cx-desktop-app-targeted-in-supply.html |
|
| Details | Url | 4 | https://github.com/iconstorages/images |
|
| Details | Url | 2 | https://www.3cx.com/blog/news/desktopapp-security-alert-updates |
|
| Details | Url | 5 | https://www.reddit.com/r/crowdstrike/comments/125r3uu/20230329_situational_awareness_crowdstrike |
|
| Details | Url | 2 | https://news.sophos.com/en-us/2023/03/30/3cx-desktop-attack-sophos-customer-information |
|
| Details | Url | 4 | https://www.sentinelone.com/blog/smoothoperator-ongoing-campaign-trojanizes-3cx-software-in-software-supply-chain-attack |
|
| Details | Url | 1 | https://thehackernews.com/2023/03/3cx-desktop-app-targeted-in-supply.html |
|
| Details | Url | 2 | https://www.cisa.gov/news-events/alerts/2023/03/30/supply-chain-attack-against-3cxdesktopapp |
|
| Details | Url | 1 | https://www.volexity.com/blog/2023/03/30/3cx-supply-chain-compromise-leads-to-iconic-incident |