New on LowEndTalk? Please Register and read our Community Rules.
3CX Malware
Jasonhyperhost
Member, Patron Provider
in General
Not sure how many of the hosts on here also offer telecoms
but does anyone use 3CX for there Business?
today there latest (desktop App) was full of malware, they quickly had to release a New APP
See there post below from there CEO
Initial Report - https://www.3cx.com/blog/news/desktopapp-security-alert/
UPDATE - https://www.3cx.com/blog/news/desktopapp-security-alert-updates/
Comments
how the fuck did it happen
there will be a gigantic drama caused by it, 3cx is extremely popular among corpos and smaller companies
Solarwinds 2: 3CX Boogaloo
They will rebrand and continue on. 3cx is very complex software, alternatives are crap.
Alternatives are far from crap - they're just harder to use.
its crazy how it happened but they are acting fast on it as you would expect , good job most of our 3cx clients are not on the desktop app
Mobiles apps remain unaffected but they do put out a new app within 12 hours of this
The main guy doesn’t seem to care much there.
The CEO Nick Galea? is that who you mean?
they have appointed a google subsidiary o investigate this.
On Reddit, people were claiming they waited 8 days, with antivirus programs flagging the software.
you can never belive reddit full of false info
They have a long history of poor testing and botched releases. No one will ever install the last 3cx release on a production system, unless it is the new guy in the town. But at least they are committed to fix issues, and the system is ultimately working.
New informations;
https://www.3cx.com/blog/news/mandiant-security-update2/
https://libreddit.tiekoetter.com/r/3CX/comments/12t0e1t/3cx_was_compromised_through_an_employees_personal/
https://krebsonsecurity.com/2023/04/3cx-breach-was-a-double-supply-chain-compromise/
It's scary when the software you use suddenly becomes a malware because the developer's company got hacked and they did not notice it...