Supply chain attack on 3CXDesktopApp video conferencing software
Information security now!
Published
According to observations by data security companies, harmful code has been slipped into the installation package of the widely used 3CXDesktopApp video conferencing software abroad. This code is installed onto the user’s device in connection with an update or installation. A harmful version of the software has been installed, if the download or update has taken place after 22 March 2023.
The aim of a supply chain attack is to gain a foothold in different organisations along the supply chain. Once a foothold has been secured, it can be used in different kinds of further attacks, such as data breaches and ransomware attacks.
The original article was published on 30 March 2023 in Finnish