Cyber Resilience

3CX desktop-app supply chain compromise (THREEC-X-2023)

Supply-chain compromise · disclosed 2023-03-29 · region: International · primary attribution: Lazarus Group

Sectors touched: Software Publishers

DPRK-attributed double-supply-chain attack: trojanised 3CX desktop installer (distributed to ~600k orgs) traced back to an earlier compromise of Trading Technologies (X_TRADER software). First publicly-confirmed cascading-supply-chain compromise.

Supply-chain flow

ATTACKERCOMPROMISED VENDORDOWNSTREAM VICTIMSLazarus GroupLazarus Group3CX3CX~600,000 installs~600,000 installs

Trojanised 3CX reached ~600,000 installs downstream.

Named victims

Linked sources

This canonical entry pulls together coverage from the other data layers — curated narrative above; raw sources below.

Sources

« All landmark incidents  ·  All actors  ·  All victims