Yesterday (30th March 2023) it became public that 3CX’s Desktop Client had been compromised by malware, resulting in ransomware being installed on a number of 3CX clients’ computers.
3CX has responded to this incident by issuing new code signing certificates and releasing new software builds, but has admitted that it does not understand the extent of the breach. We know that this threat currently affects the 3CX DesktopApp versions 18.12.407 and 18.12.416 for Windows and 18.11.1213, 18.12.402, 18.12.407 and 18.12.416 for Mac. Shodan reports that there are more than 242,000 publicly exposed 3CX phone management systems. 3CX has indicated that this is an ongoing supply chain intrusion impacting versions of the 3CX Desktop App going back as far as January 2023’s 18.11.1213 release for macOS. Our Cyber Security team has reviewed the vulnerability and can confirm that it is quite severe and concerning.
While 3CX issued a patch today, the company still strongly recommends that ALL users avoid the Electron-based desktop application unless absolutely necessary. There have been discussions that the breach may also impact other aspects of the 3CX software implementation, but these have not been confirmed.
Real World Support customers who utilise 3CX from a third-party provider have had the malicious Desktop Application removed and were contacted yesterday to discuss the impact of the threat.
Huntress, one of our Cyber Security partners, recommends users of 3CX seek alternate telephony arrangements.
CloudPBX is a modern, secure and scalable PBX replacement that is suited to a wide range of business applications for micro, small, medium or large businesses. Whether you use our Desktop or Mobile app, or a physical phone on your desk, we take pride in our standards compliance and flexibility, as well as system reliability.
If you need a replacement phone system or help to manage the incident, please get in touch today. We’d love to help you transform and modernise your business communications, securely.