LetsDefend Monitoring Alert
3CX DLL-Sideloading Attack Detected
Apr, 03, 2023, 01:26 PM
Event ID: 132
Event Time: Apr, 03, 2023, 01:26 PM
Rule Name: SOC182 - 3CX DLL-Sideloading Attack Detected
Alert Type: Generic
MITRE Technique:
T1195 - Initial Access - Supply Chain Compromise
T1574 - Persistence - Hijack Execution Flow
Real World Example: The 3CX VoIP Desktop Application has been compromised to deliver malware via legitimate 3CX updates.
Severity: High
Incident Responder