3CX Softphone Hack
3CX is the most popular phone system for businesses, and for the first time ever, their 3cx softphone has been hacked!
The most recent update released for their Softphone* (Versions 18.12.407 & 18.12.416) was released with a security issue, causing most antivirus vendors to flag the softphone as a virus and uninstall it.
It’s early days in the hack, but the best advice from 3CX at the moment is to check what version of the softphone you are using and uninstall immediately if you have the affected install. Once uninstalled you can continue to use the web app (PWA app) to make calls as normal.
3CX are working on a fix, and updated release of the softphone, but this will take at least 24 hours.
For the latest from on the 3CX softphone hack you can visit https://www.3cx.com/blog/news/desktopapp-security-alert/
Our clients were instantly audited for the affected software and uninstalled where present (thankfully most of our clients hadn’t updated since the latest version was not a mandatory security update to the software). We followed this up with a full ESET antivirus sweep to ensure all computers were clean. If you are concerned, you may be affected then please get in touch with our engineers on 0115 684 8800 or email email@example.com.
3CX is a great phone system, and as we mentioned this is the first time that a 3CX hack has occurred. The software allows you to host your own phone system, either onsite or on the cloud. Liberate IT also offers a fully hosted 3CX solution. I very much doubt you will hear of another 3CX hack in the years to come, security is paramount with any web-exposed solution.
If you are interested in how to make your phone solution the most secure system possible then get in touch with our security specialists.
The 3CX softphone is an application installed on a computer, which acts as a phone. This means you don’t need a bulky handset on your desk and can take the phone anywhere with you on your laptop!).