Supply Chain Attack Against 3CXDesktopApp

Release Date

CISA is aware of open-source reports describing a supply chain attack against 3CX software and their customers. According to the reports, 3CXDesktopApp — a voice and video conferencing app — was trojanized, potentially leading to multi-staged attacks against users employing the vulnerable app.

CISA urges users and organizations to review the following reports for more information, and hunt for the listed indicators of compromise (IOCs) for potential malicious activity:

Vendor communications from 3CX:

JCDC partner analysis on 3CX DesktopApp attacks:


This product is provided subject to this Notification and this Privacy & Use policy.