Cryptocurrency companies were among the targets of the recent 3CX supply chain attack, according to security researchers. The attack began with the compromise of 3CX, a VoIP provider used by businesses for communication services. Cyber attackers then installed a backdoor to gain access to victims’ networks.
According to reports, the Lazarus Group, a North Korean threat actor, is suspected to be behind the attack. Researchers discovered a second-stage backdoor installed in the compromised systems, which allowed attackers to gain persistent access to victims’ networks. The attack has impacted various industries, including finance, healthcare, and government.
Security experts have warned that supply chain attacks, like the one seen in the 3CX incident, are becoming increasingly common. Cryptocurrency companies, in particular, have become attractive targets due to the digital nature of their assets. Michael Hamilton, former CISO of the City of Seattle, stated, “Cryptocurrency is the perfect target for ransomware and supply chain attacks.”
Businesses can take steps to protect themselves against supply chain attacks by vetting their vendors and implementing strict security protocols. They should also have a plan in place in case of a breach, including regular backups of critical data.
As cyber attackers continue to evolve their tactics, it is essential for businesses to stay vigilant and proactive in their cyber defense measures. As noted by cybersecurity expert Bruce Schneier, “Security is a process, not a product.” By continuously assessing their security posture and implementing best practices, businesses can mitigate the risk of a supply chain attack and other cyber threats.
The 3CX breach highlights the growing threat of supply chain attacks and the need for organizations to implement stronger cybersecurity measures to protect themselves and their customers. The incident also serves as a reminder for cryptocurrency companies to be particularly vigilant, as they are often prime targets for cybercriminals. By staying up to date with the latest security trends and investing in robust security solutions, organizations can better defend against these types of attacks and ensure the safety of their sensitive data.
