Avast ccleaner malware name
5/16/2023
Most disturbing of all is that the malware was able to hide itself in the CCleaner program for at least four weeks before it was discovered, so well-written that it didn't trigger security systems and anti-virus programs. However, the code has been in use for quite a while, so it's possible at this point that someone else simply bought it, Steckler said.
Czech-based Avast bought the London-based firm Piriform, which produces the CCleaner, in July. The malware runs on code related to code used by a group known to work out of China. An Avast spokeswoman told Reuters that 2.27 million users had downloaded the infected version of CCleaner, and that 5,000 installations of CCleaner Cloud had.
Some of the world's top telecom gear makers include Cisco, Huawei and Ericsson. It had not narrowed the targets to telecom equipment companies. Avast researchers didn't name the companies they had identified.
Late Wednesday, Cisco Talos, the security research arm of San Jose, Calif.-based Cisco, said it had found the malware contained a hidden "attack within the attack" that specifically targeted large tech companies, possibly to do commercial or state-level espionage.
Such attacks are likely to continue for the coming years, especially as most companies migrate their infrastructure to centrally-managed cloud-based systems. "Obviously with a piece of broadly distributed software like this, they could target lots of sectors," Steckler said.
Supply-chain attacks are today's top threat, and government agencies in the US and France have recently issued alerts about an ongoing campaign perpetrated by Chinese hackers.
"We believe all global software companies, including both Microsoft and us at Avast, will need to continue to vigilantly protect our networks from attacks by those who seek to damage us and our users," Avast told us.
But Avast and TeamViewer aren't the only companies that have been targeted only to serve as a jumping point into the network of other companies. As long as an app is good at its job, hackers are going to keep coming. As the company told ZDNet, the threats it's facing are no different than what its competitors are facing.
For example, TeamViewer, which offers an eponymously named product, also suffered a security breach at the hands of Chinese hackers back in 2016. However, this huge userbase is also the reason why Avast bought it in the first place.
Avast's plan of attack involves bolstering its security. The app's gigantic userbase makes CCleaner a perfect target for supply-chain attacks. It's an all-in-one system administration toolkit, and one very good at its job, if we're to look at its download numbers. The app now supports remote management features, hard drive defragmentation, email alerts, cloud-based management features, and many more. However, as previously stated in this article, today, CCleaner is more than just a "useless" registry cleaner.
In the light of this second hack, many users have expressed their opinions today, claiming that Avast should just retire CCleaner, as the app is only a magnet for state-sponsored hackers, and that the app has no real purpose (many consider registry cleaner apps as being useless or plain harmful).
While Avast refrained from attributing the attack to any threat actor, the Czech Security Information Service (BIS), the country's intelligence service, said in a press release today that Chinese hackers were behind this attack, just like in the first. The company is still investigating this second breach but said that hackers weren't successful at pushing out a malicious CCleaner release today.
This was their entry point inside Avast's network. Avast said hackers compromised an employee's VPN credentials to access a temporary VPN profile that was left active and without 2FA protection.