Logo
News

Supply chain attack targets millions of phone system users through trojanized 3CX app

Cybersecurity firms have been warned of a supply chain attack targeting downstream customers using a trojanized 3CX software

Supply chain attack targets millions of phone system

Multiple cybersecurity firms have warned of a supply chain attack using a trojanized version of 3CX's software to target downstream customers. 

3CX is a phone system developer used by more than 600,000 organizations worldwide, including American Express, BMW, McDonald’s, and the U.K.'s National Health Service. The attack, dubbed "Smooth Operator," involves the delivery of trojanized 3CXDesktopApp installers to install infostealer malware inside corporate networks, capable of stealing data and stored credentials from Google Chrome, Microsoft Edge, Brave, and Firefox user profiles. 

Researchers report that attackers are targeting both the Windows and macOS versions of the compromised VoIP app. The Linux, iOS, and Android versions appear to be unaffected. The attackers are believed to be the North Korean threat actor Labyrinth Chollima, a subgroup of the notorious Lazarus Group. It appears to be a targeted attack from an Advanced Persistent Threat, perhaps even state-sponsored. 

If you are a 3CX user, the company suggests uninstalling the app and installing it again or using its PWA client as a workaround. While we don't know how many organizations have been potentially compromised, Shodan.io reports that there are currently over 240,000 publicly exposed 3CX phone management systems. 

Stay vigilant and take immediate action if you suspect any suspicious activity.

Manish <span>Content Strategist</span>
Written By
Manish Content Strategist

With a mixture of literature, cinema, and photography, Manish is mostly traveling. When he is not, he is probably writing another tech news for you!

Think Your Professional Journey
Deserves A Spot In Our 40 Under 40 Report?

Featured Blogs

News

New iOS 12.1.2 Update: Why Every iPhone User Wants it

4 min read  

iOS 12 is the latest OS version for the iOS-enabled device and running on its success; Apple has rolled out iOS 12.1.2, which carries fixes for iPhone XR, iPhone XS, and iPhone XS Max, coupled with other security patches to take care of other bugs and issues.Apple’s iOS 12.1.2 primarily fo

News

Can Cryptocurrency Decode The Financial Crisis Of Africa?

4 min read  

Africa remains one of the regions where the significant chunk of the population doesn’t own bank accounts. Banking system stays to be in deplorable condition. People in Africa believes more in cash or barter system for the local payments, which can drastically pull-down any economy. So, some m

News

You can now get your family’s approval on Tinder

4 min read  

If you or your friends have been using Tinder to find the ideal partner online, then you might have also handed over its responsibility to a trusted one. It is a common phenomenon to hand over your phone to your friends or family to swipe on the profiles on your behalf. But now, Tinder has officiall

News

StartupItalia Open Summit 2018: Event Announcement

2 min read  

Event: StartupItalia Open SummitEvent Date: Dec 17, 2018Event Place: Palazzo del Ghiaccio in MilanLast December 18th at StartupItalia Open Summit 2017 there were many enthusiastic professionals, 3,800 to be exact. And with more than 1,500 startup originators, with additional understudies

Featured Interviews

Interview

Interview With Coyote Jackson, Director of Product Management, PubNub

MobileAppDaily had a word with Coyote Jackson, Director of Product Management, PubNub. We spoke to him about his journey in the global Data Stream Network and real-time infrastructure-as-a-service company. Learn more about him.

MAD Team 4 min read  
Interview

Interview With Laetitia Gazel Anthoine, Founder and CEO, Connecthings

MobileAppDaily had a word with Laetitia Gazel Anthoine, Founder and CEO, Connecthings. We spoke to her about her idea behind Connecthings and thoughts about the company’s services.

MAD Team 4 min read  
Interview

Interview With Gregg Temperley, Founder Of ParcelBroker App

MobileAppDaily had a word with Gregg Temperley, Founder. We spoke to him about his idea behind such an excellent app and his whole journey during the development process.

MAD Team 4 min read  
Interview

Interview With George Deglin, CEO Of OneSignal

MobileAppDaily had a word with George Deglin, the CEO and co-founder of OneSignal, a leading customer messaging and engagement solution, we learn multiple facets related to customer engagement, personalization, and the future of mobile marketing.

MAD Team 4 min read  
MAD Originals
MAD Originals

Cut to the chase content that’s credible, insightful & actionable.

Get the latest mashup of the App Industry Exclusively Inboxed

  • PRODUCTS
  • SERVICES
  • BOTH
Join our expansive network, build connections and expand your brand presence.