Cyber security firms CrowdStrike and Sophos have reported that the 3CX communications technology supplier’s 3CXDesktopApp has been hit by supply chain attacks from a Korea-linked advanced persistent threat (APT) actor. The attacks, which spread via a compromised update to one of its products, have involved an installer which uses DLL [Dynamic Link Library] sideloading to retrieve a malicious, encoded payload. The malicious activity in the popular business phone system program has now been blocked and users are advised to check 3CX’s blog for any official communications from the company.
“They are a very detail orientated team who have achieved great IT solutions for our company. Their knowledge of new technology is good and explanation of benefits for us easy to understand.”
- Lynn West -