Hackers Attacked Big Technology Fish through Avast's CCleaner Breach

CCleaner malware delivered secondary payload to select targets

Researchers at Cisco, one of the organizations that had warned Avast of the attack, said on Wednesday that a control server seized by US law enforcement showed that the attackers had installed additional malicious software on a select set of around 20 machines.

The company said it had resolved the problem quickly and believed no harm was done to any of its users because the command and control (CC) server had been shut down and there was no indication the malicious code had been executed, but researchers have since found otherwise.

"Given that CCleaner is a consumer-oriented product, this was a typical watering hole attack where the vast majority of users were uninteresting for the attacker, but select ones were", Avast researchers said. However, it is thought that the hackers had knowledge of Asian networks, and that although many companies in that region were targeted, China was suspiciously unaffected, according to Avast.

However, they said that because the CC log data has been recovered for only 3 of the 31 days the CCleaner backdoor was active, the total number of infected computers is "likely at least in the order of hundreds".

The real target of this attack is now thought to have been major tech firms like Microsoft, Google, Samsung, Sony, Intel and others, according to the Talos threat intelligence team from Cisco. However, a second report from the Talos group says the original attack turned out to be much worse than initially thought, so you may need to take additional steps to protect yourself.

"Our investigation and hunt for the perpetrators continues", said Avast, in a blog post on Friday.

It's worth noting that CCleaner version 5.34 has not been compromised, but Avast recommends updating to version 5.35 of the software. This led them to the conclusion that the impact of the breach was far more serious than anticipated by Piriform, producer of the infected CCleaner utility, which is also a part of Avast Software, based in Prague.

Earlier this week researchers at Cisco Talos discovered that version 5.33 of popular PC maintenance tool CCleaner contained malware. "This is because with supply chain attacks, the attackers are relying on the trust relationship between a manufacturer or supplier and a customer", the Cisco Talos research team said in a blog post.
