On March 11 of last year, attackers compromised the systems Piriform, the company that created CCleaner.
#Ccleaner malware type software#
The incident exposed millions of computers and reinforced the threat of so-called digital supply chain attacks, situations where trusted, widely distributed software is actually infected by malicious code.Īt the RSA security conference in San Francisco on Tuesday, Avast executive vice president and chief technology officer Ondrej Vlcek walked through a post-mortem of the attack, which ultimately led to 2.27 million downloads of the corrupt CCleaner version. The software updates users were downloading from CCleaner owner Avast-a security company itself-had been tainted with a malware backdoor. It’s hard to see how the situation will improve until everyone - even small-fry software vendors - takes responsibility and ups their digital defenses.In September, security researchers at Cisco Talos and Morphisec made a worst nightmare-type disclosure: the ubiquitous computer cleanup tool CCleaner had been compromised by hackers for more than a month. And as they warn in a follow-up post, these types of attacks now “seem to be increasing in velocity and complexity.” As the Cisco researchers note in their analysis, a product from an established vendor “rarely receives the same level of scrutiny” as one from an untrusted source.
#Ccleaner malware type Patch#
These supply chain attacks fly in the face of commonly accepted principles of computer security-i.e., patch your systems early and often-and they undermine everyone’s trust in the software ecosystem. and South Korean tech firm NetSarang that infected hundreds of banks and other companies over the summer. Similarly, Kaspersky Labs, the lately besieged Russian cybersecurity firm, found a backdoor in server management software from the U.S. The attack crippled operations at big companies, ranging from Danish shipping giant Maersk to U.S.
#Ccleaner malware type update#
Earlier this year hackers compromised MeDoc, a piece of accounting software developed by a Ukrainian tech firm, in order to spread a destructive strain of ransomware, dubbed NotPetya, through its update mechanism. This is only the most recent example of such an attack. This article first appeared in the Cyber Saturday edition of Data Sheet, Fortune’s daily newsletter on the top tech news. Presumably, the intruders sought trade secrets. With that foothold, the attackers then attempted to drill down deeper into the networks of at least 18 big tech company targets, including Google, Intel, Microsoft, Samsung, HTC, and Cisco. Here’s what happened: In August, some unknown hacking group inserted a backdoor into the CCleaner software, which was then dutifully installed on more than 700,000 machines. (Morphisec, an Israeli cybersecurity startup, had discovered the compromise too.) The hacking operation sabotaged CCleaner, a popular piece of computer cleaning software distributed by Avast, a Czech antivirus firm.
Cisco researchers exposed one of these sneaky incursions earlier this week. That’s good digital hygiene, after all.Īt least that’s what we’ve been trained to think. Customers, careful to keep their software up to date, don’t think twice about downloading the latest iterations. The scheme goes like this: Hackers compromise a trusted software vendor, subvert its products with their own malicious versions, and then use the tainted formulation to infect customers - thereby bypassing internal security controls and easily spreading malware far and wide.
0 kommentar(er)
