An applet is effectively a shortcut to an application: it contains most of the code needed to load the service more quickly, and you usually only have to log in once to keep the service live.
"You can sign out of an app at any time you need to!"
In this case, the affected desktop app versions include the following: Electron Windows App 18.12.407 and 18.12.416 from Update 7, as well as Electron Mac App versions 18.11.1213, 18.12.402, 18.12.407 and 18.12.416. The hackers embedded code so that the app would download and execute malware, spreading from the device into the entire network.
I must stress that the hack compromised the app only, not the 3CX phone systems or servers. The hack was more about spreading malware, and industry reports suggest that the campaign was connected to the North Korean state-sponsored hacking group Labyrinth Chollima, also known as the Lazarus Group or APT 38.
"By now, you are probably well aware that hacking is an industry in itself!"
There are teams of programmers who have developed hacking kits that amateur hackers can buy from the Dark Web, and these come with easy-to-use instructions. Malware hidden in legitimate software is often referred to as having been 'trojanised'. We have all heard of the trojan horse used by the Greeks against the city of Troy, and we are now potentially faced with everyday trojan software.
This hack was actually discovered relatively quickly due to third-party threat protection subscription services from SentinelOne and Falcon, developed by CrowdStrike. These services monitor individual desktop and laptop computers for any unusual activity from any loaded software.
Companies of all sizes must now consider what was once considered a luxury and must now add the necessary expense to their IT budgets. You can't sit back and think 'it won't happen to my small company'; let me tell you, I have seen ransomware and malware attacks on every size of company.
It's all about the maths. Speak to us at BTS (UK) or your incumbent IT provider as to what deal we can do for your company once you decide to implement threat protection software. This is typically around £15.00 per month per device and typically includes 24/7/365 live monitoring.
Threat protection shuts down infected software and apps as soon as unusual code is detected within Microsoft Windows or macOS!
This is the year to review your IT support services and renegotiate the overall support pack to ensure that your provider can supply appropriate threat protection as an additional service. Do ensure that they have the necessary qualifications and training themselves to be able to implement these new specialist services.
Stay safe ... there are some bad people out there.
Until next time ...