Active Intrusion Campaign Targeting 3CXDesktopApp Customers

1 year ago
March 30, 2023
5 comments
70 views

+7

dips
Veeam Legend
808 comments

Something to watch out for if you are using the 3CXDesktopApp in your environment. There is not much info available at the moment but according to CrowdStrike:

“The malicious activity includes beaconing to actor-controlled infrastructure, deployment of second-stage payloads, and, in a small number of cases, hands-on-keyboard activity. “

More here:

+12

Michael Melter
Veeam Legend
144 comments
1 year ago
March 30, 2023

That’s quite an attack. We right away informed customers we know to use 3CX systems.

Here some recent intel from 3CX: https://www.3cx.com/community/threads/3cx-desktopapp-security-alert.119951/

+8

marco_s
Influencer
369 comments
1 year ago
March 30, 2023

It seems “only” version numbers 18.12.407 & 18.12.416 are affected: https://www.3cx.com/blog/news/desktopapp-security-alert/

Marco Sorrentino - Italy | System Engineer | VMCE & VMCA

+11

Iams3le
Veeam Legend
1389 comments
1 year ago
March 30, 2023

Great share @dips!

[Microsoft MVP | Veeam Legend (2021 -2025) | VMware vExpert 5x | Cisco Champion 3x | Object First Ace 2x]

+7

dips
Author
Veeam Legend
808 comments
1 year ago
March 30, 2023

It's going to be really interesting once the info is out about what exactly happened but looks to be quite bad. Especially with the large amount of high profile clients

Dipen N. K. | IT Security Specialist | Veeam Legend 2022 - 2025 | Cyber Security Space VUG Leader

+21

Chris.Childerhose
Veeam Legend, Veeam Vanguard
8473 comments
1 year ago
March 30, 2023

Never really heard about this technology but interesting read for sure. Thanks for sharing.

Comment

Related topics

Nieuwe zender: Play Crime?icon

problemen met nieuwe zender Play Crimeicon

sommige zenders zijn verdwenenicon

Ment tvicon

4, 5 en zes worden in 2021 Play 4, 5 en 6icon

Sign up

Login to the community

Scanning file for viruses.

This file cannot be downloaded