Multiple security firms have sounded the alarm about an active supply chain attack that’s using a trojanized version of 3CX’s widely used voice and video-calling client to target downstream customers.
3CX is the developer of a software-based phone system used by more than 600,000 organizations worldwide, including American Express, BMW, McDonald’s and the U.K.’s National Health Service. The company claims to have more than 12 million daily users around the world.
Researchers from cybersecurity companies CrowdStrike, Sophos and SentinelOne on Wednesday published blog posts detailing a SolarWinds-style attack — dubbed “Smooth Operator” by SentinelOne — that involves the delivery of trojanized 3CXDesktopApp installers to install infostealer malware inside corporate networks.
This malware is capable of harvesting system information and stealing data and stored credentials from Google Chrome, Microsoft Edge, Brave and Firefox user profiles. Other obse …
