3CX Desktop Attack: Sophos Customer Information

From news.sophos.com

Sophos X-Ops is tracking an attack against the 3CX Desktop application, possibly undertaken by a nation-state-related group.

The affected software is 3CX – a legitimate software-based PBX phone system available on Windows, Linux, Android, and iOS. The application has been abused by the threat actor to add an installer that communicates with various command-and-control (C2) servers.

A list of IOCs for this attack is published on our GitHub.

Read more…