3CX telephony Desktop Client Security Incident

On Wednesday evening, March 29, 2023, we were notified of a serious security flaw in the Desktop application of one of our VoIP solutions, 3CX.

In versions 18.12.407 and 18.12.416 for Windows and 18.11.1213 for macOS, malicious parties have placed malware to gain further access to systems. In the meantime, we recommend using fixed devices, the mobile app and/or the web application. How the malware could be added has not been disclosed. 3CX said it is conducting an investigation and will provide more information at a later date.

At Analyst ICT, we immediately checked all telephone exchanges and found that none of our end users are using the infected version of the 3CX Desktop Client. This means that we can cautiously conclude that no damage or break-in has taken place via the 3CX Desktop Client.
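A check of this kind can be scripted against a client inventory. The following is an added example, not Analyst ICT's or 3CX's own tooling: the CSV layout, host names and the non-listed version numbers are constructed, and only the affected builds come from the notice above.

```python
import csv
import io
import re

# Affected builds exactly as listed in the notice above, keyed by platform.
AFFECTED = {
    "windows": {(18, 12, 407), (18, 12, 416)},
    "macos": {(18, 11, 1213)},
}
ALL_AFFECTED = set().union(*AFFECTED.values())

# Constructed sample inventory (hypothetical export format, not a 3CX one).
SAMPLE_INVENTORY = """host,platform,client_version
ws-001,Windows,18.12.416
ws-002,windows,v18.12.407.0
ws-003,Windows,18.10.461
mac-001,macOS,18.11.1213
mac-002,macOS,18.12.416
ws-004,Windows,unknown
"""

def parse_version(text):
    """Return the first three numeric components as a tuple, or None."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text or "")
    return tuple(int(p) for p in m.groups()) if m else None

def audit(inventory_csv):
    """Split inventory rows into affected hosts and hosts needing manual review."""
    affected, review = [], []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        platform = row["platform"].strip().lower()
        version = parse_version(row["client_version"])
        if version is None or platform not in AFFECTED:
            review.append(row["host"])  # cannot decide automatically
        elif version in AFFECTED[platform]:
            affected.append((row["host"], platform, ".".join(map(str, version))))
        elif version in ALL_AFFECTED:
            review.append(row["host"])  # build listed for a different platform
    return affected, review

if __name__ == "__main__":
    hits, unknown = audit(SAMPLE_INVENTORY)
    for host, platform, version in hits:
        print(f"AFFECTED  {host}  {platform}  {version}")
    for host in unknown:
        print(f"REVIEW    {host}  (check manually)")
```

Hosts whose version cannot be parsed, or whose build number is listed for another platform, are reported for manual review rather than treated as clean.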

We continuously monitor the latest news and will act immediately if action is required. If you still have questions and/or comments about the above news, please contact us by phone or e-mail. Below is the press release from www.security.nl.

Security firms sound alarm over malware in desktop application 3CX - update

Several security companies are sounding the alarm about malware found in the official desktop application of the popular voip software 3CX. 3CX is one of the largest providers of business telephony solutions. The company claims to have six hundred thousand customers and 12 million daily users. 3CX also offers a Windows application to make calls or listen to voicemail from the desktop.

A library used by 3CX for its Windows application has been infected with malware, the company reveals in a warning. It is now working on a new Windows app. In the meantime, customers are advised to use the Web application. How the malware could have been added has not been disclosed. 3CX says it is investigating and will come up with more information later today.

The malware added to the desktop application downloads additional malware that steals information from the infected system and can give attackers further access, warn security companies SentinelOne, Sophos and CrowdStrike. The latter party suspects that the attack is the work of a state actor.

Update

The installer of the macOS version of the desktop application was also provided with malware by the attackers, report security researcher Patrick Wardle and 3CX CEO Nick Galea.
