In what appears to be one of the biggest supply chain attacks of 2020, hackers have trojanized versions of Windows and Mac applications that are commonly used by 3CX users. The malicious software was delivered to users via email, which claimed to be from 3CX, a popular Voice Over Internet Protocol (VoIP) provider.
The attack, first reported by BleepingComputer, is aiming to infect users with malicious software posing as legitimate applications. If a user downloads and installs the trojanized software, malicious code could be installed on the system, giving the attackers full access to the user’s data and any other resources they may have access to.
According to BleepingComputer, the attackers have created malicious versions of the 3CX Windows Client, 3CX Android Client, and 3CX iOS Client and are spreading the trojanized payload via emails. The emails purport to be from 3CX and are titled “3CX New Release” with a text body saying, “We are proud to announce the released of version 9.2.2 of the 3CX VoIP client.”
The emails contain a malicious zip file that has been appropriately named “3cx.zip.” The malicious file contains a trojanized version of the 3CX VoIP client for Windows, Android, and iOS, as well as some code that the hackers use to validate and maintain the malware on the victim’s machine.
3CX has already responded to the attack and is warning users to not download and install any of the trojanized applications or any software claiming to be from 3CX via email. The company is also recommending that users update their security software and perform regular scans in order to ensure their system remains secure.
Supply chain attacks such as this are on the rise in 2020, with hackers targeting popular applications, plugins, and software bundles with malicious alterations. As 3CX users have now seen, it is important to take extra precautions when downloading and installing software to ensure your system remains safe.
Hey Subscribe to our newsletter for more articles like this directly to your email.