A backdoor named Gopuram used by the Lazarus Group has been found in a small number of environments compromised in the 3CX supply chain attack.
The supply chain attack against 3CX may have been planned for more than a year, and such intrusions are the best return on investment for attackers, researchers say.