“By exploiting the trust relationship between software vendors and the users of their software, attackers can benefit from users' inherent trust in the files and web servers used to distribute updates." "This is a prime example of the extent that attackers are willing to go through in their attempt to distribute malware to organizations and individuals around the world," said Cisco Talos in its blog about the attack. While Avast Piriform acted quickly to fix the problem once the malware was detected, Cisco Talos’ investigation found the compromised version of CCleaner was released on August 15 – so the malware was spreading inside trusted, legitimate security software for weeks undetected. That means hackers somehow gained access to the official development process and implanted malware designed to steal data from the product’s two million users. On September 13, researchers at Cisco Talos found that downloads of CCleaner 5.33 and CCleaner Cloud contained more than just the official free versions – a domain generation algorithm (DGA) and hardcoded Command and Control function was incorporated into the software. Users of CCleaner for Windows, a maintenance and file clean-up tool developed by Avast Piriform, are being told to update their software immediately, since it’s been discovered that hackers had installed a backdoor in the official application that would allow additional malware to be added to the infected system.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |