Hackers Target 3CX Desktop App in Supply Chain Attack

March 30, 2023 at 10:10 AM

•

1 min read

Hackers Target 3CX Desktop App in Supply Chain Attack — Photo: Trend Micro

TL;DR Summary

Threat actors have been using a compromised version of the 3CX VoIP desktop client to target 3CX's customers as part of an attack. The malware can extract system information and hijack both data and stored login credentials from user profiles on Chrome, Edge, Brave, and Firefox web browsers. 3CX has recommended uninstalling the desktop app and using the Progressive Web App (PWA) client instead. Organizations that are potentially affected should stop using the vulnerable version if possible and apply the patches or mitigation workarounds if these are available.

Topics:technology #3cx #attack #cybersecurity #information-security #malware #voip

Share this article

Developing Story: Information on Attacks Involving 3CX Desktop App Trend Micro
SmoothOperator | Ongoing Campaign Trojanizes 3CXDesktopApp in Supply Chain Attack SentinelOne
Hackers compromise 3CX desktop app in a supply chain attack BleepingComputer
CrowdStrike Prevents 3CXDesktopApp Intrusion Campaign CrowdStrike
A VoIP service used by some of the world's biggest firms has been hacked TechRadar

Reading Insights

Total Reads

Unique Readers

Time Saved

4 min

vs 5 min read

Condensed

90%

907 → 88 words

Want the full story? Read the original article

Read on Trend Micro

JavaScript Required

tl;dr daily news requires JavaScript to be enabled. Please enable JavaScript in your browser settings.

Related Sources

Reading Insights