Skip Navigation
BlackBerry Blog

BlackBerry Prevents Emerging 3CX DesktopApp Supply Chain Attack – And Has for Weeks

An emerging zero-day software supply chain attack has leveraged the software of a popular phone system developed by 3CX that is used by more than 600,000 companies worldwide and more than 12 million individual users. A Trojanized and digitally signed version of the desktop installer is part of an integrated cyberattack campaign that gives threat actors an interactive command shell on infected systems.

BlackBerry Prevents the 3CX Zero-Day Attack

BlackBerry customers have been protected from this supply chain attack for more than two weeks. While some media reports indicate that this attack may have commenced on March 22, 2023, BlackBerry customers using CylancePROTECT® reported convictions a week earlier on March 15. Our internal threat intelligence data suggests an even earlier detection date of March 13 where our AI-driven defense models first began blocking malicious code injections (DLLs) associated with the compromised installer.

Watch the demo video below to see how CylancePROTECT defends against 3CXDesktopApp supply chain attacks.  

DEMO VIDEO: BlackBerry vs. 3CXDesktopApp supply chain attack 

Actions for BlackBerry Customers

CylancePROTECT customers are already automatically protected from this zero-day, and have been for several weeks. Our endpoint protection platform blocks the attack before it can execute in customer environments and was able to do so as soon as this zero-day threat emerged. However, we encourage customers to assess their environment for instances of 3CX and update appropriately per the guidance of the vendor to help mitigate any further risk.

For up-to-date details on the 3CX DesktopApp supply chain attack please visit the BlackBerry threat intelligence center.

CylancePROTECT Provides Industry Leading AI-driven Defense

The Cylance® AI-driven defense model is a battle-proven solution that has been shown to stop more attacks — and earlier in the attack chain — than other models. This is due to the sophisticated algorithms that enable the system to detect and prevent threats before they have a chance to fully execute.

One of the key advantages of the Cylance model is that it is up to 95% lighter* than other solutions, meaning that it can be deployed on a wide range of systems without causing significant performance issues. This makes it an ideal choice for organizations looking to protect their assets without compromising system performance.

CylancePROTECT is a highly effective and efficient approach to cybersecurity that is well-suited to the needs of modern organizations that must defend themselves from constantly emerging threats. 

For similar articles and news delivered straight to your inbox, subscribe to the BlackBerry Blog.
*Based on preliminary Tolly Group data, to be published April 2023.
Paul Zimski

About Paul Zimski

Paul Zimski is Vice President of Product and Technical Marketing at BlackBerry.

Hector Diaz

About Hector Diaz

 Senior Technical Marketing Manager at BlackBerry

Hector Diaz is a Senior Technical Marketing Manager for Latin America and the Caribbean at BlackBerry. Hector works with Engineering and Product Management to translate technology concepts into digestible pieces, evangelizing and educating people about Artificial Intelligence (AI) applied to cybersecurity.

With over 15 years of experience in cybersecurity, Hector is a respected professional who is in-demand at trade shows, partner training and customer engagements across Latin America and the Caribbean Region.