Users of 3CX’s Desktop app, allowing businesses to make phone calls via their computers, are being advised to uninstall the app following vulnerability in the software.
The vulnerability is affecting versions 18 and above of the 3CX Desktop on both Windows and macOS operating systems (pictured). The cyberthreat has been linked to a hacking group with connections to the North Koream government, Labyrinth Chollima.
Handforth-based IT support business, Amshire, are advising businesses that use the software to ensure the 3CX Desktop App is uninstalled, in line with recommendations from 3CX. In a LinkedIn post, the business said:
“3CX are aware of this issue and their current recommendation is that the above 3CX Desktop App is uninstalled.
“We are using our Remote Monitoring tool to find all those clients machines that have the 3CX Desktop App installed. We are also creating an uninstall job that we can push out to all Customers to remove the affected 3CX Desktop App for each of the clients.”
Older versions of the software, including 3CX Phone for Windows do not appear to have been compromised as the older client does not contain the affected Electron Framework that has been compromised.
The 3CX Voice over Internet Protocol (VoIP) system is used by over 600,000 businesses worldwide, including the likes of Coca-cola, Honda and the NHS, as well as smaller businesses. The cyberattack is an example of a supply chain attack, where a business or software is targeted to gain access to customers.
North West businesses lack AI understanding, finds British Business Bank 
Macclesfield IT service provider achieves government cybersecurity status 
Co-op becomes latest retailer hit by cyber attack