![]() In its blog, Talos' researchers concluded: "This is a prime example of the extent that attackers are willing to go through in their attempt to distribute malware to organizations and individuals around the world. but it could be useful in follow-up targeted attacks against specific users." Of course, it may be that they really only stole. Of the Piriform claim it had no evidence of much wrongdoing by the hacker, Grooten added: "As I read the Cisco blog, there was a backdoor that could have been used for other purposes. "I have a feeling they are downplaying it indeed," said Martijn Grooten, editor of security publication Virus Bulletin. Not all are convinced by the claims of Piriform, acquired by Avast in July. In other words, to the best of our knowledge, we were able to disarm the threat before it was able to do any harm." "Users of CCleaner Cloud version have received an automatic update. "The threat has now been resolved in the sense that the rogue server is down, other potential servers are out of the control of the attacker. For weeks then, the malware was spreading inside supposedly-legitimate security software. Talos warned in a blog Monday that the affected version was released on August 15, but on September 12 an untainted version 5.34 was released. Comparing it to the NotPetya ransomware outbreak, which spread after a Ukrainian accounting app was infected, the researchers discovered the threat on September 13 after CCleaner 5.33 caused Talos systems to flag malicious activity.įurther investigation found the CCleaner download server was hosting the backdoored app as far back as September 11. It has 2 billion downloads and claims to be getting 5 million extra a week, making the threat particularly severe, researchers at Cisco Talos warned. The affected app, CCleaner, is a maintenance and file clean-up software run by a subsidiary of anti-virus giant Avast. According to Avast's own figures, 2.27 million ran the affected software, though the company said users should not panic. ![]() The tainted application allows for download of further malware, be it ransomware or keyloggers, with fears millions are affected. If you have questions or want to learn more, please contact Secure Sense by calling 86.Users of Avast-owned security application CCleaner for Windows have been advised to update their software immediately, after researchers discovered criminal hackers had installed a backdoor in the tool. Connect with Secure Sense to protect data, improve your posture and systems 24/7, 365 days a year. Should you happen to be one of the millions of users that downloaded the infected version 5.33, your best bet is to head to Piriform’s website here and update to the latest iteration of CCleaner. “We estimate that 2.27 million users had the affected software installed on 32-bit Windows machines,” she further added. It would have been an impediment to the law enforcement agency’s investigation to have gone public with this before the server was disabled and we completed our initial assessment,” it added.Ī spokeswoman for security giant Avast, which acquired the UK-based company back in July, told us: “We believe that these users are safe now as our investigation indicates we were able to disarm the threat before it was able to do any harm.” “Working with US law enforcement, we caused this server to be shut down on the 15th of September before any known harm was done. “We have no indications that any other data has been sent to the server,” it writes. The malware was supposedly capable of harvesting various types of data from infected machines - specifically, Piriform says: the computer name, IP address, list of installed software, list of active software and list of network adapters (data it describes as “non-sensitive”) - transmitting it to a third party computer server located in the US. Users of a free software tool designed to optimize system performance on Windows PCs and Android mobile devices got a nasty shock this morning when Piriform, the company which makes the CCleaner tool, revealed in a blog post that certain versions of the software had been compromised by hackers - and that malicious, data-harvesting software had piggybacked on its installer program. ![]() By Secure Sense The popular and free software, CCleaner has been reported to have infected 2.27 million users with malware.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |