3CX’s Software Supply Chain Compromise: Lessons Learned
About two years after 3CX's supply chain compromise, the voice-over-IP vendor has remade its software development process and continuous integration/continuous delivery (CI/CD) pipeline to prioritize the security, integrity, and resilience of its published code. ReversingLabs (RL) has been a part of that transformation. Here's a look at 3CX’s supply chain security transformation — and what your organization can learn from the company’s journey.
Red Flags Fly Over 3CX's Application
In March 2023, following a routine software update by 3CX, endpoint detection tools such as SentinelOne started to identify the 3CXDesktopApp as potentially malicious. Hundreds of thousands of client companies relying on the application for voice and video communication started to block and remove it, disrupting their operations. Initially, 3CX dismissed the alerts as false positives and advised users to whitelist the app.
But SentinelOne and other cybersecurity firms such as CrowdStrike discovered that the warnings were legitimate. The 3CXDesktopApp had been compromised — …