Security News > 2023 > March > Cybersecurity firms warn of 3CX desktop app supply chain attack
A digitally signed and trojanized version of the 3CX Voice Over Internet Protocol desktop client is reportedly being used to target the company's customers in an ongoing supply chain attack.
3CX is a VoIP IPBX software development company whose 3CX Phone System is used by more than 600,000 companies worldwide and has over 12 million daily users.
According to alerts from security researchers from Sophos and CrowdStrike, the attackers are targeting both Windows and macOS users of the compromised 3CX softphone app.
Multiple customers in 3CX's forums have stated that they have been receiving alerts starting one week ago, on March 22, saying that the VoIP client app was marked malicious by SentinelOne, CrowdStrike, and ESET security software.
One of the trojanized 3CX softphone client samples shared by CrowdStrike was digitally signed over three weeks ago, on March 3, 2023, with a legitimate 3CX Ltd certificate issued by DigiCert.
A 3CX spokesperson didn't reply to a request for comment when BleepingComputer reached out earlier today.
News URL
Related news
- LottieFiles hit in npm supply chain attack targeting users' crypto (source)
- LottieFiles hacked in supply chain attack to steal users’ crypto (source)
- LottieFiles supply chain attack exposes users to malicious crypto wallet drainer (source)
- Cybersecurity Blind Spots in IaC and PaC Tools Expose Cloud Platforms to New Attacks (source)
- Blue Yonder ransomware attack disrupts grocery store supply chain (source)
- Supply chain managers underestimate cybersecurity risks in warehouses (source)
- OpenWrt orders router firmware updates after supply chain attack scare (source)
- Update your OpenWrt router! Security issue made supply chain attack possible (source)
- US sanctions Chinese cybersecurity company for firewall compromise, ransomware attacks (source)
- US Sanctions Chinese Cybersecurity Firm for 2020 Ransomware Attack (source)