{"id":51539,"date":"2023-04-20T15:33:36","date_gmt":"2023-04-20T15:33:36","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/34536\/Another-Supply-Chain-Attack-Discovered-During-3CX-Investigation.html"},"modified":"2023-04-20T15:33:36","modified_gmt":"2023-04-20T15:33:36","slug":"another-supply-chain-attack-discovered-during-3cx-investigation","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/another-supply-chain-attack-discovered-during-3cx-investigation\/","title":{"rendered":"Another Supply Chain Attack Discovered During 3CX Investigation"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/03\/VOIP.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>Researchers at Mandiant Consulting say a compromise of 3CX desktop application software disclosed last month was facilitated by another, separate software supply chain breach of a rogue third-party stock trading application downloaded by an employee.<\/p>\n<p>In March, 3CX chief information security officer Pierre Jourdan <a href=\"https:\/\/www.scmagazine.com\/news\/threat-intelligence\/supply-chain-attack-hits-3cx-voip-software-drops-malware-to-hosts\" target=\"_blank\" rel=\"noreferrer noopener\">announced<\/a> that an update for the company\u2019s Windows and Mac versions of their Electron desktop application software had been corrupted by a malicious actor, leaving any customers who downloaded it vulnerable to a range of different malware attacks, browser datamining, credential theft and the deployment of command shells. &nbsp;<\/p>\n<p>At the time, Jourdan blamed the infected build on \u201cone of the bundled [software] libraries we compiled into the Windows Electron App\u201d but the initial disclosure did not identify or specify the affected software, nor did an April 11 <a href=\"https:\/\/www.3cx.com\/blog\/news\/mandiant-initial-results\/\" target=\"_blank\" rel=\"noreferrer noopener\">interim assessment<\/a> from Mandiant, which was hired to lead the investigation.<\/p>\n<p>Now in an <a href=\"https:\/\/www.mandiant.com\/resources\/blog\/3cx-software-supply-chain-compromise\" target=\"_blank\" rel=\"noreferrer noopener\">update<\/a> Thursday, the Google-owned Mandiant said it has identified what it believes to be the initial intrusion vector: an outdated and corrupted version of X_Trader, a software program used to trade stocks and futures.<\/p>\n<p>Charles Carmakal, chief technology officer at Mandiant, told reporters Wednesday that the compromise began in 2022 when a 3CX employee downloaded a version of X_Trader from the Trading Technologies website that contained a backdoor exploit similar to the one discovered in 3CX\u2019s desktop app. The affected version of X_Trader was discontinued in 2020, but according to Mandiant it was still available for download on the Trading Technologies website as recently as 2022, with a valid certificate signed by \u201cTrading Technologies International Inc.\u201d<\/p>\n<p>That backdoor allowed malicious hackers to gain access to the employee\u2019s computer, which they used to move laterally through 3CX\u2019s network until gaining access to the Electron app\u2019s Windows and Mac build environments, where they were able to insert the corrupted code.<\/p>\n<p>\u201cThis is the first time in history that Mandiant has ever observed a software supply chain attack of one company lead to the software supply chain attack of another company and another product,\u201d said Carmakal.<\/p>\n<p>It\u2019s not clear how the actors initially compromised X_Trader\u2019s software, or why the 3CX employee downloaded a version of X_Trader on their work computer. Carmakal said Mandiant notified Trading Technologies about the infected version of their program on April 11 but stressed that their visibility over this portion of the infection chain is limited because they were not part of the company&#8217;s incident response. He noted that because the infected version of X_Trader had been out of date for years, the impact and spread is likely smaller than it would have been for a more active version of the software.<\/p>\n<p>When reached for comment, a representative from Trading Technologies told SC Media that they are still investigating Mandiant\u2019s claims and expressed confusion as to why a 3CX employee would have downloaded an expired and unsupported version of their software, saying the telephony provider is not among their vendors or customers and &#8220;there is no business relationship between the two companies.\u201d<\/p>\n<p>\u201cWe have no idea why an employee of 3CX would have downloaded X_TRADER. The X_TRADER software referenced in Mandiant\u2019s report was a professional trading software package for institutional derivatives trading that was decommissioned in April 2020,&#8221; a spokesperson told SC Media through email. &#8220;Our clients received multiple communications over the 18-month sunset period notifying them that we would no longer support or service X_TRADER beyond April 2020. There was no reason for anyone to download the software given that [we] stopped hosting, supporting and servicing X_TRADER after early 2020.\u201d<\/p>\n<h2>Details on 3CX victims remain scant<\/h2>\n<p>According to their website, 3CX has <a href=\"https:\/\/usa.kaspersky.com\/blog\/supply-chain-attack-on-3cx\/28063\/\" target=\"_blank\" rel=\"noreferrer noopener\">more than 600,000 companies<\/a> as clients, including American Express, BMW, Air France, Toyota, IKEA and others. A search on Shodan on March 30 <a href=\"https:\/\/usa.kaspersky.com\/blog\/supply-chain-attack-on-3cx\/28063\/\" target=\"_blank\" rel=\"noreferrer noopener\">found<\/a> more than 240,000 3CX exposed phone management systems, while one managed security service provider, Huntress, <a href=\"https:\/\/www.huntress.com\/blog\/3cx-voip-software-compromise-supply-chain-threats\" target=\"_blank\" rel=\"noreferrer noopener\">reported<\/a> it has sent out more than 2,783 incident reports where the 3CXDesktopApp.exe binary matches known malicious hashes and had a signed certificate from 3CX on March 13.<\/p>\n<p>However, Carmakal declined to provide hard figures around how many 3CX\u2019s customers are known to be infected or compromised in the attack, saying it\u2019s likely more victims will come forward as Mandiant and others continue to publish research into affected products and systems.<\/p>\n<p>\u201cRight now, we don\u2019t have great visibility into who the downstream victims are. We think over time we\u2019ll get better visibility \u2026 I think there\u2019s just a number of organizations that don\u2019t yet know that they\u2019re compromised, that will end up reaching out to us over time,\u201d he said.<\/p>\n<p>Mandiant and other threat intelligence companies have tentatively <a href=\"https:\/\/www.scmagazine.com\/analysis\/third-party-risk\/mandiant-bolsters-the-case-that-north-korean-hackers-were-behind-3cx-supply-chain-hack\" target=\"_blank\" rel=\"noreferrer noopener\">attributed<\/a> the attack to a group with a North Korean-nexus. Ben Read, director of cyber espionage analysis at Mandiant, said they have not yet seen a downstream compromise that clearly indicates motive, but noted that 3CX\u2019s software is built for corporate environments and the activity appears to have substantial overlap with previous North Korea-aligned groups and campaigns that have historically targeted cryptocurrency companies and conducted financially motivated attacks.<\/p>\n<p>Specifically, Mandiant has assessed with \u201cmoderate confidence\u201d that the activity is linked to \u201cAppleJeus,\u201d a <a href=\"https:\/\/www.cisa.gov\/news-events\/cybersecurity-advisories\/aa21-048a\" target=\"_blank\" rel=\"noreferrer noopener\">North Korea-linked campaign<\/a> targeting cryptocurrency exchanges and financial service companies in 32 countries (including the U.S.) by disseminating cryptocurrency trading applications that have been modified to include malware that facilitates theft of cryptocurrency.<\/p>\n<p>\u201cThese folks are highly resourced, and they are after money. It sort of shows where North Korea is putting their best cyber teams, really on the financially motivated stuff,\u201d Read said.<\/p>\n<p>Carmakal noted that while this is the first time Mandiant has seen an actor use one supply chain compromise to execute another, previous supply chain attacks the company has investigated have mirrored the same potential desire.<\/p>\n<p>Most notably, he said there is substantial evidence that the Russian SVR-linked hacking group involved in the infamous SolarWinds\/SUNBURST <a href=\"https:\/\/www.scmagazine.com\/news\/content\/disconnect-or-power-down-after-high-profile-hacks-cisa-demands-drastic-solarwinds-mitigation\" target=\"_blank\" rel=\"noreferrer noopener\">incident<\/a> in 2020 was &#8220;poking around in source code environments and build environments&#8221; in a way that indicated a similar interest in potentially chaining together software supply chain attacks to infect a broader pool of victims downstream. He said Mandiant hasn&#8217;t ruled out the possibility that there are additional undiscovered software compromises linked to the 3CX intrusion.<\/p>\n<p>&#8220;It&#8217;s our assessment that [the Russian hackers] likely would have wanted to conduct other software supply chain attacks, but we think they were caught off guard when we detected the incident at FireEye and end up disclosing it,&#8221; Carmakal said.<\/p>\n<p>READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/34536\/Another-Supply-Chain-Attack-Discovered-During-3CX-Investigation.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":51540,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[277],"tags":[10479],"class_list":["post-51539","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-blogs","tag-headlinehackerdata-lossgoogle"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.7 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Another Supply Chain Attack Discovered During 3CX Investigation 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/another-supply-chain-attack-discovered-during-3cx-investigation\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Another Supply Chain Attack Discovered During 3CX Investigation 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/another-supply-chain-attack-discovered-during-3cx-investigation\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2023-04-20T15:33:36+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/03\/VOIP.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/another-supply-chain-attack-discovered-during-3cx-investigation\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/another-supply-chain-attack-discovered-during-3cx-investigation\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Another Supply Chain Attack Discovered During 3CX Investigation\",\"datePublished\":\"2023-04-20T15:33:36+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/another-supply-chain-attack-discovered-during-3cx-investigation\\\/\"},\"wordCount\":1094,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/another-supply-chain-attack-discovered-during-3cx-investigation\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/04\\\/another-supply-chain-attack-discovered-during-3cx-investigation.jpg\",\"keywords\":[\"headline,hacker,data loss,google\"],\"articleSection\":[\"CyberSecurity Blogs\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/another-supply-chain-attack-discovered-during-3cx-investigation\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/another-supply-chain-attack-discovered-during-3cx-investigation\\\/\",\"name\":\"Another Supply Chain Attack Discovered During 3CX Investigation 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/another-supply-chain-attack-discovered-during-3cx-investigation\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/another-supply-chain-attack-discovered-during-3cx-investigation\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/04\\\/another-supply-chain-attack-discovered-during-3cx-investigation.jpg\",\"datePublished\":\"2023-04-20T15:33:36+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/another-supply-chain-attack-discovered-during-3cx-investigation\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/another-supply-chain-attack-discovered-during-3cx-investigation\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/another-supply-chain-attack-discovered-during-3cx-investigation\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/04\\\/another-supply-chain-attack-discovered-during-3cx-investigation.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/04\\\/another-supply-chain-attack-discovered-during-3cx-investigation.jpg\",\"width\":2121,\"height\":1414},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/another-supply-chain-attack-discovered-during-3cx-investigation\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,data loss,google\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinehackerdata-lossgoogle\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Another Supply Chain Attack Discovered During 3CX Investigation\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Another Supply Chain Attack Discovered During 3CX Investigation 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/another-supply-chain-attack-discovered-during-3cx-investigation\/","og_locale":"en_US","og_type":"article","og_title":"Another Supply Chain Attack Discovered During 3CX Investigation 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/another-supply-chain-attack-discovered-during-3cx-investigation\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2023-04-20T15:33:36+00:00","og_image":[{"url":"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/03\/VOIP.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/another-supply-chain-attack-discovered-during-3cx-investigation\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/another-supply-chain-attack-discovered-during-3cx-investigation\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Another Supply Chain Attack Discovered During 3CX Investigation","datePublished":"2023-04-20T15:33:36+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/another-supply-chain-attack-discovered-during-3cx-investigation\/"},"wordCount":1094,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/another-supply-chain-attack-discovered-during-3cx-investigation\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/04\/another-supply-chain-attack-discovered-during-3cx-investigation.jpg","keywords":["headline,hacker,data loss,google"],"articleSection":["CyberSecurity Blogs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/another-supply-chain-attack-discovered-during-3cx-investigation\/","url":"https:\/\/www.threatshub.org\/blog\/another-supply-chain-attack-discovered-during-3cx-investigation\/","name":"Another Supply Chain Attack Discovered During 3CX Investigation 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/another-supply-chain-attack-discovered-during-3cx-investigation\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/another-supply-chain-attack-discovered-during-3cx-investigation\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/04\/another-supply-chain-attack-discovered-during-3cx-investigation.jpg","datePublished":"2023-04-20T15:33:36+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/another-supply-chain-attack-discovered-during-3cx-investigation\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/another-supply-chain-attack-discovered-during-3cx-investigation\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/another-supply-chain-attack-discovered-during-3cx-investigation\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/04\/another-supply-chain-attack-discovered-during-3cx-investigation.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/04\/another-supply-chain-attack-discovered-during-3cx-investigation.jpg","width":2121,"height":1414},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/another-supply-chain-attack-discovered-during-3cx-investigation\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,data loss,google","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackerdata-lossgoogle\/"},{"@type":"ListItem","position":3,"name":"Another Supply Chain Attack Discovered During 3CX Investigation"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/51539","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=51539"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/51539\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/51540"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=51539"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=51539"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=51539"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}