LetsDefend Monitoring Alert

3CX DLL-Sideloading Attack Detected

Apr, 03, 2023, 01:26 PM

Event ID: 132

Event Time: Apr, 03, 2023, 01:26 PM

Rule Name: SOC182 - 3CX DLL-Sideloading Attack Detected

Alert Type: Generic

MITRE Technique:
T1195 - Initial Access - Supply Chain Compromise
T1574 - Persistence - Hijack Execution Flow

Real World Example: The 3CX VoIP Desktop Application has been compromised to deliver malware via legitimate 3CX updates.

Severity: High

Incident Responder
