From news.sophos.com
![](https://cert.bournemouth.ac.uk/wp-content/uploads/2023/03/image-88-1024x576.png)
Sophos X-Ops is tracking an attack against the 3CX Desktop application, possibly undertaken by a nation-state-related group.
The affected software is 3CX – a legitimate software-based PBX phone system available on Windows, Linux, Android, and iOS. The application has been abused by the threat actor to add an installer that communicates with various command-and-control (C2) servers.
A list of IOCs for this attack is published on our GitHub.