This site is a way for users to identify if they were potentially impacted by the supply chain attack against 3CX from March 2023.
If the background appears in red, the IP address you are visiting this site from was flagged by security researchers as potentially impacted. We do not have the ability to determine if you are still impacted. This site is a best effort to broadly notify potential impacted parties of this attack by members of the cyber security research community.
If the background appears in gray, the IP address you are visiting this site from has not been reported to this site.
On 30 March 2023, phone system software company 3CX released a notification of a suspected supply chain attack against the 3CX Windows and Mac desktop applications (Windows versions: 18.12.407 & 18.12.416 and Mac versions: 18.11.1213, 18.12.402, 18.12.407 & 18.12.416.
The following reports are available to provide additional context on this incident
Identification of potentially impacted parties is based on lists of IP addresses that were interacting with malicious infrastructure. We’re working on trying to expand this to include more high-fidelity data. If you wish to contribute, please reach out.