Those bundled apps include Google Chrome browser, Google Toolbar, and Avast Free Antivirus plus AVG Antivirus Free (note that Piriform is now owned by Avast, which also owns AVG).

Microsoft further stresses that those bundled apps are perfectly fine and not in any way malicious, of course, but it’s the way that they are offered for installation which is problematic.

The company observes that while the CCleaner installation process does provide a way to opt out of putting these extras on your PC, as you would expect, the judgment is that “some users can easily inadvertently install these bundled applications”. Often, these matters are down to the way the options to opt out are presented.

At any rate, according to a statement just released by CCleaner, the firm believes that the issue has been resolved.

A CCleaner spokesperson told us: “We are in the process of engaging with Microsoft to understand why CCleaner was recently detected as PUA. We surmise the issue appears to be around bundling, and we believe we have addressed this so that our product is now no longer flagged.”

So, it may now be the case that if you go to install CCleaner while running Microsoft Defender, you’re no longer warned against proceeding, assuming the security app is indeed updated as CCleaner asserts.

If you’re one of the millions of individuals who downloaded the CCleaner application on your computer between this last August 15th and September 12th, be warned–your computer was potentially infected by the CCleaner malware.

Cybersecurity experts from Cisco Talos, the threat intelligence group of Cisco, reported that unidentified hackers have successfully infiltrated the download servers of Avast that let users download the CCleaner app and replaced it with what they dubbed the CCleaner malware.

A part of the threat intelligence report that the Talos researchers published read:

“Talos recently observed a case where the download servers used by software vendor to distribute a legitimate software package were leveraged to deliver malware to unsuspecting victims. For a period of time, the legitimate signed version of CCleaner 5.33 being distributed by Avast also contained a multi-stage malware payload that rode on top of the installation of CCleaner.”

Avast, a company which focuses on developing antiviruses and other security applications for Microsoft Windows, MacOS, Android, and iOS, owns CCleaner. CCleaner is an application that allows its users to conduct routine maintenance on their computer systems.

According to the website of Piriform, the creator of CCleaner that was acquired by Avast in July of this year, the CCleaner application has over 2 billion downloads worldwide as of November 2016. The company also boasts that per month, the application can clean over 35 million GB of space–or about 7 billion selfies-worth of data.

Supply Chain Attacks

According to Talos, the CCleaner hack is another example of a supply chain attack. “Supply chain attacks are a very effective way to distribute malicious software into target organizations. This is because with supply chain attacks, the attackers are relying on the trust relationship between a manufacturer or supplier and a customer. This trust relationship is then abused to attack organizations and individuals and may be performed for a number of different reasons.”

A similar kind of attack, the Nyetya attack, was staged earlier this year and affected many organizations inside of Ukraine and multinational corporations operating in the said country. Further investigations into the case led the Talos researchers to a “supply chain-focused attack at M.E.Doc software that delivered a destructive payload disguised as ransomware.” Reports from Ukraine Cyber police confirmed that the effects of the supply chain attack were broad-reaching and compromised over 2000 companies in Ukraine alone.

Threat analysts from Talos reported that the CCleaner malware was just detected last September 13th. The malicious version of the application was said to contain a multi-stage malware payload that steals data from compromised computer systems and sends it back to the remote command-and-control servers of the hackers.