The compromise of the 3CX desktop app has been known since the end of March. North Korean hackers have probably planted malicious code in the VoIP application, which is widely used by companies. The BSI has therefore now issued a warning at its second-highest level.

The reports about the manipulated VoIP software are currently somewhat confused. While the 3CX developers downplay the incident, security experts around the world are warning of the consequences of malicious code injection.

The Federal Office for Information Security (BSI) has also issued a corresponding warning to users of the application. The BSI has declared its second-highest warning level, “Level 3/Orange”, for the manipulated 3CX desktop app: “The IT threat situation is business-critical. Massive impairment of regular operations,” says a BSI report on the incident.

According to the BSI, the following desktop app versions are affected:

  • for Windows: versions 18.12.407 and 18.12.416
  • for Mac: versions 18.11.1213, 18.12.402, 18.12.407 and 18.12.416

Although the software is signed by the manufacturer, it contains malicious elements that function as a Trojan. According to the BSI, the app contains, among other things, a manipulated DLL file. This enables the application to establish a connection to a command and control server (C&C server) after successful installation and then download malware. 3CX has now confirmed these reports, but also says that the connected servers are already down and there is no direct danger. According to the company blog, 3CX nonetheless advises uninstalling the app and using AV scans and EDR solutions. A patch is currently not available.
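To locate installations of the builds listed above, the following added example (not from the article, the BSI or 3CX) triages a software inventory export in Python. The CSV column names, host names and OS aliases are assumptions, and the sample rows are constructed.

```python
import csv
import io

# Affected builds as listed in the BSI warning quoted in the article.
AFFECTED = {
    "windows": {"18.12.407", "18.12.416"},
    "mac": {"18.11.1213", "18.12.402", "18.12.407", "18.12.416"},
}
# Assumption: inventory tools label platforms inconsistently.
OS_ALIASES = {"windows": "windows", "win": "windows", "mac": "mac", "macos": "mac"}


def normalize_version(raw):
    """Return a tuple of ints, tolerating a 'v' prefix and trailing '.0' parts."""
    parts = raw.strip().lstrip("vV").split(".")
    if not all(p.isdigit() for p in parts):
        return None  # unparseable: flag for manual review instead of guessing
    nums = [int(p) for p in parts]
    while len(nums) > 1 and nums[-1] == 0:
        nums.pop()
    return tuple(nums)


AFFECTED_T = {o: {normalize_version(v) for v in vs} for o, vs in AFFECTED.items()}


def triage(inventory_csv):
    """Split 3CX inventory rows into affected hosts and hosts needing review."""
    affected, review = [], []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        if "3cx" not in row["product"].lower():
            continue
        os_ = OS_ALIASES.get(row["os"].strip().lower())
        version = normalize_version(row["version"])
        if os_ is None or version is None:
            review.append(row["host"])
        elif version in AFFECTED_T[os_]:  # the lists differ per platform
            affected.append(row["host"])
    return affected, review


# Constructed sample inventory (hosts and column names are made up).
SAMPLE = """host,os,product,version
ws-001,Windows,3CX Desktop App,18.12.416
ws-002,Windows,3CX Desktop App,18.11.1213
mac-01,macOS,3CX Desktop App,v18.11.1213
ws-003,win,3CXDesktopApp,18.12.407.0
ws-004,Windows,3CX Desktop App,unknown
"""
if __name__ == "__main__":
    print(triage(SAMPLE))
```

Hosts whose version string cannot be parsed land in the review list so they are checked by hand instead of being silently treated as clean.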

Summary

  • 3CX Desktop App compromise known since the end of March
  • North Korean hackers injected malicious code
  • BSI warns with the second highest warning level
  • Manipulated DLL file enables C&C connection
  • 3CX advises uninstalling + AV scans & EDR solutions
  • No patch available yet
  • Affected: Windows versions 18.12.407 & 18.12.416, Mac 18.11.1213, 18.12.402, 18.12.407 & 18.12.416
