How did 3CX customers become the target of a Cyber Attack?
In March of this year a large-scale complex cyber attack targeted 3CX, an industry leading popular provider of internet-enabled voice calls which we provide and support for many of our customers. To read more about the cyber attack click here.
Following the attack, Cyber Security firm Mandiant (owned by Google), investigated the incident and discovered it was the result of a rarely seen supply-chain attack, where hackers infiltrated a third party a vendor to then gain access to other targets. Interestingly, this particular attack was found to have originated from another previous supply-chain attack. This marks the first time Mandiant has seen one supply-chain attack lead to another. Notable examples of past supply-chain attacks include the 2021 SolarWinds breach and the Kaseya breach, which affected numerous organisations worldwide.
According to Mandiant, a 3CX employee unknowingly installed malware-infected software from a previous victim of a supply-chain attack, Trading Technologies. The malware granted the hackers high-level access to 3CX’s systems, enabling them to deploy further malware tools throughout the organisation, granting them access to the code for their customer desktop application. Mandiant concluded that a North Korean hacking group, referred to as UNC4736, was responsible for compromising both 3CX and Trading Technologies. This group has a history of targeting crypto currency companies, highlighting the increasing cyber threat capabilities of North Korean threat actors.
The extent of the damage from these supply-chain attacks still remains unclear, however 3CX has over 12 million daily users world wide, who could potentially be affected. Charles Carmakal, Chief Technology Officer at Mandiant, expressed concerns about the number of organisations that may have been compromised without realising it. He noted that it may take weeks or months for victims to discover they have been compromised. This incident demonstrates the potential reach of such compromises, as well as the creativity and sophistication of North Korean regime-backed hackers in distributing malware and conducting offensive operations.
One2Call have been working with all of our 3CX Customers to ensure that they are as secure as possible following the attack, we acted fast to inform our customers of the 3CX Security Breach and worked with businesses to ensure that they uninstalled the Desktop App & recommended that they did not re-install it until our following communications confirmed it was safe. All of our EDR (Endpoint Detection & Response) customers were protected against this Zero Day Cyber Attack, as EDR was able to detect the unusual and malicious activity on endpoints to immediately prevent it. In response to the increasing Cyber Security Threats that our customers face we have increased out minimum Cyber Security level for our IT Support and Cyber Security customers to ensure that all businesses have Endpoint Detection & Response as standard throughout their business. We also urge all other businesses throughout to invest in EDR. If you would like to find out more about Endpoint Detection & Response and how it can benefit your business, click the link below.
Latest News Stories
One2Call Celebrates Owls Partnership with Match Sponsorship & Fans Prize Draw
One2Call celebrated its partnership with Sheffield Wednesday FC as trusted IT & Communications Partner by sponsoring the recent match against Burnley. Highlights included exclusive hospitality experiences for guests, a stadium-wide display of One2Call branding, and a prize draw for an Apple iPad, making it a memorable day for Owls fans and partners alike.
One2Call Announce New Partnership with Sheffield Wednesday FC
We are excited to announce our new partnership with Sheffield Wednesday Football Club for the upcoming EFL Championship season!
3 Cybersecurity Solutions That Can Help Avoid Costly Downtime
Discover the factors for choosing the perfect MSP partner. Get reliable technology services for your business with expert 24/7 support & detailed asset tracking
Our Customers
Testimonials
Sarah Wroe, Commercial Property Partners
Stayed late on a Friday evening to fix my computer. Thank you
Julia Wallace-Ross, Cornerstones Education
So grateful for Jordan coming out so quickly and helping me out.
Mark, Modern Creatives
Local, extremely helpful, prompt. Quick to react when there have been issues (not caused by One2call). Have recommended in the past to clients.