"3CX Customers Targeted via Trojanized Desktop App"

Several cybersecurity companies have warned that the official Windows desktop app for the widely used 3CX softphone solution has been trojanized by malicious actors suspected to be state-sponsored. 3CX is Private Automatic Branch Exchange (PABX) software that supports Voice over Internet Protocol (VoIP). It provides video conferencing and live chat features. 3CX has app versions for Windows, macOS, Linux, Android, and iOS, as well as a Chrome extension and a Progressive Web App (PWA) version, allowing the software to be accessed via any web browser. 3CX CISO Pierre Jourdan confirmed that the Windows version of the 3CX client app had been injected with malware, advising users to temporarily uninstall the app and use the PWA version until a clean version can be released. Researchers from Trend Micro and Crowdstrike revealed that macOS versions of the 3CX desktop app have also been compromised. It is still unclear when the trojanized versions began to be served to customers, but it is known that 3CX customers reported receiving threat alerts from SentinelOne as early as March 22. This article continues to discuss 3CX's legitimate apps being switched with trojanized ones.

Help Net Security reports "3CX Customers Targeted via Trojanized Desktop App"