
Unleashing the Threat: Inside the SmoothOperator Supply Chain Attack on 3CX VOIP Desktop Client
SmoothOperator, 3CX, Supply Chain Attack, VoIP IPBX
A new supply chain attack called SmoothOperator is currently targeting 3CX's VoIP desktop client, which could cause significant impact due to the company's diverse and valued customer profile. The attackers use a trojanized version of the software to steal information from Windows and macOS users.
Indicators of Compromise
APT Groups (1)
Lazarus Group (Korea, Democratic People's Republic of)
Labyrinth Chollima, Hidden Cobra, Diamond Sleet, Group 77, Whois Hacking Team, APT-C-26, NewRomanic Cyber Army Team, UNC2970, UNC577, TraderTraitor, TA404, SectorA01, ATK 3, Gods Disciples, Appleworm, Guardians of Peace, UNC4736, DEV-0139, ITG03, Lazarus Group, UNC4034, Jade Sleet, Zinc, Hastati Group, UNC4899, Gods Apostles
Campaign Guidance
Remediation, mitigation, notes, history and related intelligence
| Tactic | Technique ID | Technique Name |
| --- | --- | --- |
| Initial Access | T1195 | Supply Chain Compromise |
| Execution | T1204.002 | User Execution: Malicious File |
| Defense Evasion | T1140 | Deobfuscate/Decode Files or Information |
| Defense Evasion | T1027 | Obfuscated Files or Information |
| Defense Evasion | T1574.002 | Hijack Execution Flow: DLL Side-Loading |
| Defense Evasion | T1497.003 | Virtualization/Sandbox Evasion: Time-Based Evasion |
| Credential Access | T1555 | Credentials from Password Stores |
| Credential Access | T1539 | Steal Web Session Cookie |
| Command and Control | T1071 | Application Layer Protocol |
Reports & References (3)
Observed Countries (250)