3CX has released an interim report about Mandiant’s findings related to the compromise the company suffered last month, which resulted in a supply chain attack targeting cryptocurrency companies. They discovered that: The attackers infected targeted 3CX systems with TAXHAUL (aka “TxRLoader”) malware, which decrypts and executes shellcode containee in a file with a name and location aimed to make it to blend into standard Windows installations The executed shellcode is the COLDCAT downloader They also … More
The post 3CX compromise: More details about the breach, new PWA app released appeared first on Help Net Security.
