Cyber security firms CrowdStrike and Sophos have reported that the 3CX communications technology supplier’s 3CXDesktopApp has been hit by supply chain attacks from a Korea-linked advanced persistent threat (APT) actor. The attacks, which spread via a compromised update to one of its products, have involved an installer which uses DLL [Dynamic Link Library] sideloading to retrieve a malicious, encoded payload. The malicious activity in the popular business phone system program has now been blocked and users are advised to check 3CX’s blog for any official communications from the company.
News