The intent of the attack is unclear at this time, though Avast says the code was able to collect information about the local system. Most reassuringly, Yung states that Avast was seemingly able to disarm the threat before it was able to do any harm. Additionally, the company is moving all users to the latest version of the software, which is already available on the company’s website (though the release notes only mention “minor big fixes.”) He also says Piriform has shut down the hackers’ access to other servers. Yung assures customers that the threat has been resolved and the “rogue server” has been taken down.

13, Cisco Talos found that the official download of the free versions of CCleaner 5.33 and CCleaner Cloud also contained “a malicious payload that featured a Domain Generation Algorithm as well as hardcoded Command and Control functionality.” What that means is that a hacker infiltrated Avast Piriform’s official build somewhere in the development process to plant malware designed to steal users’ data. 21 with details about the malware targeting specific technology companies for industrial espionage. In an in-depth probe of the popular optimization and scrubbing software, Cisco Talos has discovered a malicious bit of code injected by hackers that could have affected more than 2 million users who downloaded the most recent update.

Editor’s note: This article was first published on September 18, 2017, but was updated on Sept.

By exploiting the trust relationship between software vendors and the users of their software, attackers can benefit from users' inherent trust in the files and web servers used to distribute updates.

It seems that CCleaner, one of PCWorld’s recommendations for the best free software for new PCs, might not have been keeping your PC so clean after all.
This is a prime example of the extent that attackers are willing to go through in their attempt to distribute malware to organizations and individuals around the world. That and you don’t expect an antivirus firm to infect you with malware. Taking advantage of that trust is partially why this attack is so distressing. If you installed it, then go grab a clean version of CCleaner now if you intend to keep using the software.

CCleaner has been popular for years, trusted by tech-savvy users.

The freebie version won’t automatically update to a version without a backdoor. At the time of this writing that is version 5.34. Users should also update to the latest available version of CCleaner to avoid infection. Affected systems need to be restored to a state before August 15, 2017, or reinstalled. If even a small fraction of those systems were compromised, an attacker could use them for any number of malicious purposes. Cisco Talos said, “The impact of this attack could be severe given the extremely high number of systems possibly affected.” Piriform previously claimed that there have been 2 billion total CCleaner downloads with an additional 5 million weekly installs. Piriform said, “It would have been an impediment to the law enforcement agency’s investigation to have gone public with this before the server was disabled and we completed our initial assessment.”

An estimated 2.27 million systems installed the infected CCleaner

Although Avast doesn’t want users to panic, it admitted to Forbes that an estimated 2.27 million systems installed the backdoored versions.

24, the company released a non-malware tainted version on Sept.
Piriform confirmed the attack, saying Avast “determined on the 12th of September that the 32-bit version of our CCleaner v and CCleaner Cloud v products, which may have been used by up to 3% of our users, had been compromised in a sophisticated manner.” A non-backdoored version of CCleaner was released the same day.

As for the compromised cloud version, CCleaner Cloud v, which was released on Aug.

It is also possible that an insider with access to either the development or build environments within the organization intentionally included the malicious code or could have had an account (or similar) compromised which allowed an attacker to include the code.” Cisco Talos researchers said, “It is likely that an external attacker compromised a portion of their development or build environment and leveraged that access to insert malware into the CCleaner build that was released and hosted by the organization.