SUDDENICON Supply Chain Attack
In recent research, Elastic Security Labs analyzed the SUDDENICON malware, which targeted users of the 3CX VoIP software in a sophisticated supply-chain attack. The attack involved malicious DLLs embedded within the 3CXDesktopApp, which lay dormant for several days before initiating communication with command-and-control servers to download additional payloads. This attack highlights the growing trend of targeting software supply chains to compromise otherwise legitimate applications.
For details on how Elastic detected and mitigated this attack, and to see the technical breakdown, check out the full post on the ESL blog: