Security News > 2023 > March > 3CX customers targeted via trojanized desktop app

Suspected state-sponsored threat actors have trojanized the official Windows desktop app of the widely used 3CX softphone solution, a number of cybersecurity companies began warning on Wednesday.

3CX offers a Windows, macOS, Linux, Android and iOS version of the app, a Chrome extension, and the PWA version so the software can be also used via any browser.

3CX CISO Pierre Jourdan says that the Windows version of the 3CX client app has been injected with malware, advised users to uninstall the app for the time being and use the PWA version until they are able to push out a clean version.

Trend Micro and Crowdstrike researchers say that macOS versions of the 3CX desktop app have been trojanized, as well.

Until 3CX finish their investigation and we know more, customers would do well to find and uninstall them.

It's still unclear how far back the trojanized versions began to get served to customers but, as Satnam Narang, staff research engineer at Tenable, pointed out, "3CX customers reported receiving threat alerts from SentinelOne as early as March 22.".

News URL

https://www.helpnetsecurity.com/2023/03/30/3cx-trojanized-app/