People wearing balaclavas are silhouetted as they pose with laptops in front of a screen projected with the word 'cyber' and binary code, in this picture illustration taken in Zenica October 29, 2014.

It was recently discovered that a hacker was able to spread malware to more than 2 million computers, ironically by using the popular security software called CCleaner. London-based developer Piriform confirmed in a blog post that up to 2.27 million people have downloaded the compromised CCleaner tools.

The security issue was discovered last week by the firm Cisco Talos during a customer beta testing activity they launched on Sept. 13 for their "new exploit detection technology." "Cisco Talos identified a specific executable which was triggering our advanced malware protection systems," the firm revealed in an official statement. When they took a closer look at what was alerting their malware detection service, Cisco Talos discovered that the issue was linked to Piriform's CCleaner version 5.33 installer.

As Talos dug deeper into why CCleaner – a legitimate software with Piriform's genuine digital signature – was triggering their malware detection program, they discovered that when users downloaded it, an unauthorized application came along with it.

CCleaner is a tool used for optimizing computers as it gets rid of digital junk that normally would not be removed by simply clicking "Delete." With this, the software promised that a computer will be able to perform faster and will be more secure.

Making it worse was the fact that the security firm was able to confirm that the infected installer was an authentic copy from "legitimate CCleaner download servers."

"During the installation of CCleaner 5.33, the 32-bit CCleaner binary that was included also contained a malicious payload that featured a Domain Generation Algorithm (DGA) as well as hardcoded Command and Control (C2) functionality. We confirmed that this malicious version of CCleaner was being hosted directly on CCleaner's download server as recently as September 11, 2017," Talos stated.

Piriform executive Paul Yung posted a statement on their blog page to address the issue and apologized to users who have been affected by the breach. In their own investigation, Yung revealed they had spotted "suspicious activity" on Sept. 12 – earlier than Talos' detection – where they found "an unknown IP address receiving data from software found in version of CCleaner, and CCleaner Cloud version, on 32-bit Windows systems."

Piriform then admitted that the said CCleaner versions were "illegally modified before it was released to the public." The company has also contacted the authorities to help them crack the case.

Meanwhile, Piriform reiterated that the issue has been "resolved in the sense that the rogue server is down, other potential servers are out of the control of the attacker, and we're moving all existing CCleaner v users to the latest version."

Hackers have successfully breached CCleaner’s security to inject malware into the app and distribute it to millions of users.

Piriform maintained that updates were automatically issued for users who have installed the infected CCleaner tools.