“We started working with law enforcement on late Tuesday afternoon, and we got the server shut down on Friday of last week. “The malicious code was a two-stage code, that is it has a rather innocuous component that transmitted some very basic non-personal data, but there was a second stage which allowed the server to transmit any executable to CCleaner for execution, and that’s the dangerous part,” Steckler said.Īfter finding it and getting the server shut down, Avast could safely announce what had happened without endangering vulnerable customers. Once the code was detected, Avast had to keep it under wraps so the culprit was unaware the company was on to the malware infection. This malware infects your motherboard and is almost impossible to remove Hackers are infiltrating news websites to spread malware Ransomware is becoming a troubling trend, and if hackers are able to infect infect update servers they can spread malware to as many machines as possible.In the age of ChatGPT, Macs are under malware assault For example, earlier this year, it was found that a breach at Ukranian software company MeDoc was responsible for the NotPetya ransomware. While Avast got in front of the issue and resolved it without incident, smaller companies might not be able to react so quickly. The impact on you at home: While personal users within the target area shouldn’t see any impact from this attempted attack, it’s still a scary notion. If you’re affected, Cisco Talos recommends using a backup to restore your PC to a state prior to August 15, 2017, which is when the hacked version was released. You’ll also want to perform an antivirus scan on your computer. Previous releases are also still available on the company’s website, but the infected version has been removed from the company’s servers. Personal users can download CCleaner 5.34 from Avast’s website if they haven’t already done so. Cisco Talos suspects the attackers planned to use the malware to conduct industrial espionage. “Given that the logs were only collected for little over three days, the actual number of computers that received the 2nd stage payload was likely at least in the order of hundreds,” Avast says.Ĭisco Talos also studied the malware’s command server and reports that it was attempting to infiltrate PCs in technology organizations, including Intel, Samsung, HTC, VMWare, Cisco itself, and others. Update: On September 21, Avast revealed that the malware was designed to deliver a second-stage payload to infected computers in specific organizations, and at least 20 machines across eight companies contacted the command and control server. The intent of the attack is unclear at this time, though Avast says the code was able to collect information about the local system. Most reassuringly, Yung states that Avast was seemingly able to disarm the threat before it was able to do any harm. Additionally, the company is moving all users to the latest version of the software, which is already available on the company’s website (though the release notes only mention “minor big fixes.”) He also says Piriform has shut down the hackers’ access to other servers. Yung assures customers that the threat has been resolved and the “rogue server” has been taken down. 13, Cisco Talos found that the official download of the free versions of CCleaner 5.33 and CCleaner Cloud also contained “a malicious payload that featured a Domain Generation Algorithm as well as hardcoded Command and Control functionality.” What that means is that a hacker infiltrated Avast Piriform’s official build somewhere in the development process build to plant malware designed to steal users’ data. 21 with details about the malware targeting specific technology companies for industrial espionage. In an in-depth probe of the popular optimization and scrubbing software, Cisco Talos has discovered a malicious bit of code injected by hackers that could have affected more than 2 million users who downloaded the most recent update.Įditor’s note: This article was first published on September 18, 2017, but was updated on Sept. It seems that CCleaner, one of PCWorld’s recommendations for the best free software for new PCs, might not have been keeping your PC so clean after all.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |