Cyber security firms CrowdStrike and Sophos have reported that the 3CX communications technology supplier’s 3CXDesktopApp has been hit by supply chain attacks from a Korea-linked advanced persistent threat (APT) actor. The attacks, which spread via a compromised update to one of its products, have involved an installer which uses DLL [Dynamic Link Library] sideloading to retrieve a malicious, encoded payload. The malicious activity in the popular business phone system program has now been blocked and users are advised to check 3CX’s blog for any official communications from the company.
The service that we receive is of the highest standard and we are completely happy that we have made the right decision to move our business to SMT IT Services.
- Chris Addis -