“Given that CCleaner is a consumer-oriented product, this was a typical watering hole attack where the vast majority of users were uninteresting for the attacker, but select ones were.” “At the time the server was taken down, the attack was targeting select large technology and telecommunication companies in Japan, Taiwan, UK, Germany and the US,” the post stated. Previously, Avast said that to the best of their knowledge, the 2nd stage payload was never delivered. The server logs may have indicated that 20 machines across eight organizations received the 2nd stage payload, “but given that the logs were only collected for little over three days, the actual number of computers that received the 2nd stage payload was likely at least in the order of hundreds,” the post stated.
#CCLEANER MALWARE 5.35 UPDATE#
SEE: Information security incident reporting policy (Tech Pro Research)Īvast responded with a blog post update on Thursday from Steckler and Ondrej Vlcek, the CTO and executive vice president of the firm’s consumer business division. “In this particular example, a fairly sophisticated attacker designed a system which appears to specifically target technology companies by using a supply chain attack to compromise a vast number of victims, persistently, in hopes to land some payloads on computers at very specific target networks,” the post stated. These machines belonged to large technology companies, including Samsung, Sony, VMware, Intel, Microsoft, Akamai, and Cisco itself. Security incident response: Critical steps for cyberattack recovery (TechRepublic Premium)īut Cisco Talos found that at least 20 victim machines were served specialized secondary payloads. The 10 best antivirus products you should consider for your business Pentagon finds concerning vulnerabilities on blockchain
Steckler also said that Avast believed that the company disarmed the threat before it was able to do any harm. Some 2.27 million users had downloaded the compromised version of CCleaner, while 5,000 users had installed the compromised version of CCleaner Cloud, Vince Steckler, CEO of Avast, told TechRepublic when the incident was first discovered. The breach appears to be more serious than CCleaner’s parent companies Piriform and Avast initially described. But as it turns out, the attackers also targeted large tech companies, according to a blog post from Cisco Talos, published Wednesday.
#CCLEANER MALWARE 5.35 ANDROID#
Maintenance app CCleaner was recently hacked and used to deliver malware to unsuspecting computers and Android devices.
0 kommentar(er)
