Threat Brief: 3CXDesktopApp Supply Chain Attack

Showing results for 
Show  only  | Search instead for 
Did you mean: 
Community Team Member

Threat Brief.png


Executive Summary

On March 29, 2023, malicious activity was identified involving a software-based phone application called 3CXDesktopApp. The attack began with threat actors introducing malicious libraries into the legitimate 3CXDesktopApp installation application, likely by including these libraries during the build process. With the malicious libraries included in the legitimate installer, individuals fall victim by downloading and running the 3CXDesktopApp installer from the developer’s website.


Because malicious content was added to this legitimate application in order to compromise the users of 3CXDesktopApp, Unit 42 believes this is intended to be a supply chain attack.


For the most up to date information and product mitigations please read the Unit 42 Threat Brief.


Register or Sign-in