A supply chain attack installed a backdoor in computers around the world but has only been deployed in fewer than ten computers, cybersecurity company Kaspersky has reported. The deployments showed a particular interest in cyptocurrency companies, it added.
Cybersecurity company Crowdstrike reported on March 29 that it has identified malicious activity on the 3CX softphone app 3CXDesktopApp. The app is marketed to corporate clients. The malicious activity detected included “beaconing to actor-controlled infrastructure, deployment of second-stage payloads, and, in a small number of cases, hands-on-keyboard activity.”