CCleaner is a popular Windows utility used by many millions of internet users to remove cookies, wiped browsing histories, and clean-up temporary internet files where malware might be lurking. While initially, this looked like another case where a user downloaded a fake, malicious CCleaner app. Here is the detailed blog from Talos, wherein they have provided in-depth technical details about the security glitch, and some possibilities of what could have been gone wrong for those 2.27 million users, who downloaded the affected version. Digitally-signed version of CCleaner 5.33 secretly stole information from users’ computers. Both research teams identified a version of CCleaner 5.33 making calls to suspicious domains. Specific information related with the PC, such as whether it is 64-bit system or not and more.MAC Address of first three network adaptors.List of all installed software, including Windows Updates.But based on all the knowledge, we don’t think there’s any reason for users to panic.”Īs per reports released by Talos, who discovered this threat, some vital information related with computers could have been stolen by hackers, which includes: Get Protected If youre one of the over 2 million users worldwide that has been infected by CCleaner, you need to remove it from your computer immediately. Morphisec identified and prevented malicious CCleaner.exe installations on August 20 at customer sites. Morphisec was the first to uncover the CCleaner Hack and notify Avast. Es hat nicht gefunden was mit CCleaner zu tun hat. Dann habe ich AVAST, Malwarebytes durchlaufen lassen. In addition, the CCleaner cloud version 1.07 was affected. Zu 3 Sind die Malware Viren von Hacker angriif bereingt behoben wurden Ich will ganz sicher sein das CCleaner wieder sauber ist ohne Malware. The attack was disclosed on September 18, when security firm Avast revealed that 2. Highlighting the exploitation of a trusted supply chain, Talos in their blog post said, “By exploiting the trust relationship between software vendors and the users of their software, attackers can benefit from users’ inherent trust in the files and web servers used to distribute updates,” Malware Was Contained But Security Glitch Was SeriousĪvast immediately resorted to damage control, and shared that that the second-stage payload of malware was never activated.Īvast chief technical officer Ondrej Vlcek said, “2.27 million is certainly a large number, so we’re not downplaying in any way. According to Avast, some 2.27 million users were running the weaponized version 5.33 of CCleaner. CANCUN - KASPERSKY SECURITY ANALYST SUMMIT - The investigation into the September 2017 CCleaner incident has revealed what appears to be a stage three payload that attackers supposedly intended to deliver to infected users. Between August 15 and September 12, 2.27 million users downloaded CCleaner, which is distributed by Avast, which contained a ‘multistage malware payload’, hidden on top of CCleaner installation.Ĭisco Talos immediately informed Avast, and were alerted about this vulnerability.Īs per Avast, they have already released forced security updates for all users who have downloaded this affected version, and they were “able to disarm the threat before it was able to do any harm.”
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |