|
Listen to this article here
|
Users of 3CX’s Desktop app, allowing business to make phone calls via their computers, are being advised to uninstall the app following vulnerability in the software.
The vulnerability is affecting versions 18 and above of the 3CX Desktop on both Windows and macOS operating systems (pictured). The cyberthreat has been linked to a hacking group with connections to the North Koream government, Labyrinth Chollima.
Stockport IT support business, Amshire, are advising businesses that use the software to ensure the 3CX Desktop App is uninstalled, in line with recommendations from 3CX. In a LinkedIn post, the business said:
“3CX are aware of this issue and their current recommendation is that the above 3CX Desktop App is uninstalled.
“We are using our Remote Monitoring tool to find all those clients machines that have the 3CX Desktop App installed. We are also creating an uninstall job that we can push out to all Customers to remove the affected 3CX Desktop App for each of the clients.”
Older versions of the software, including 3CX Phone for Windows do not appear to have been compromised as the older client does not contain the affected Electron Framework that has been compromised.
The 3CX Voice over Internet Protocol (VoIP) system is used by over 600,000 businesses worldwide, including the likes of Coca-cola, Honda and the NHS, as well as smaller businesses. The cyberattack is an example of a supply chain attack, where a business or software is targeted to gain access to customers.
Stockport looks back on 2024 successes 
Stockport County players spread Christmas cheer at Stepping Hill 
TfGM encourages planning ahead for festive journeys