Blog

Researchers have found malware on the systems of 3CX, which provides software for VoIP solutions worldwide and fell victim to a supply chain attack. Both macOS and Windows systems of the software supplier turned out to be infected, 3CX said in an update about the attack. How the infections could have occurred has still not been disclosed. 3CX is one of the largest providers of business telephony solutions. The company claims to have six hundred thousand customers and twelve million daily users. The 3CX desktop application makes it possible to make calls or listen to voicemail from the desktop. Attackers managed to provide various versions of the software for macOS and Windows with malware in a still unknown way. It now appears that the attackers accessed 3CX’s systems through malware. In doing so, various malware instances were used that connected to domains that seemed legitimate. The investigation into the attack is being carried out by security company Mandiant, which suspects that a North Korean group is responsible.