Great work today from our CSSCloud tech team in reacting to the 3CX phone system hacking.

We constantly monitor and manage our customer’s IT and tech  in order to provide the best protection available. Sometimes the work we do  goes unnoticed, because we don’t need to make a song and dance about it, it’s just what we do. However I thought it was time to give a shout out to our tech team’s response to the latest expoit/threat, the “3CX phone system compromise”


Although 3CX is not a system we provide, we do have a number of customers using it, so we needed to react quickly in order to minimise the threat to customer data and continuity.

Our Endpoint, Detect and Response system (in short, a very advanced next generation anti virus/security system)  detected the threat and immediately neutralised it.

Our engineers then ran additional scans over our complete customer base to ensure we were aware of 3CX installations. This was quickly relayed to our account management team who then made contact with those customers impacted to explain the situation.

Those PC’s then had the 3CX system completely removed, which was recommended by 3CX as a ‘workaround’.

Shown below is our EDR system detecting an infected PC


It is really interesting to note that in all cases, we were able to notify the customer of the problem, before the local 3CX providers did.  We also noted that whilst our EDR system was able to detect the ‘unusual activity’ of the 3CX client,  standard managed antivirus did not, which makes it even more important to employ EDR.

These types of hacks, in this case an exploit carried out in conjunction with the North Korean government are increasingly common and if left undetected can be used to exploit personal and financial data and in many cases allow the infected devices to be used to target other infrastructure.

Those customers who benefit from our own CSSCloud Phone system, are completely unaffected by this threat/exploit and will continue to be, as we apply the same level of security and support to our communication solutions as we do our IT support and solutions.

Contact us today on 01493 801801 or if you would like to discuss any of the above