In summary, the recent incident of malware infiltrating 3CX’s own 3CX Desktop App serves as a reminder of the importance of paying attention to the underlying foundation code of our apps and the potential vulnerabilities that come with using open-source tools like Electron. As a response, 3CX has suggested that customers use their Progressive Web App instead and has temporarily discontinued the availability of their Windows app. To protect your own systems and networks from such an attack, it is important to uninstall the 3CX Desktop App, check for tell-tale signs of the malware, switch to using the PWA, and to keep track of IoCs, analysis and detection names from Sophos X-Ops and SophosLabs. Additionally, if you need help, you can contact Sophos Managed Detection and Response (MDR) or Sophos Rapid Response (RR) for assistance.
Supply chain blunder puts 3CX telephone app users at risk – Naked Security
- by admin
- Cyber News, Hacks, News
- 1 min read