CCLEANER BREACH SOFTWARE
"There is nothing a user could have noticed," Williams said, noting that the optimisation software had a proper digital certificate, which means that other computers automatically trust the program. This is similar to June's NotPetya attack hidden in infected Ukrainian accounting software. "The presence of a valid digital signature on the malicious CCleaner binary may be indicative of a larger issue," the firm said.Ĭraig Williams, a researcher at Cisco Talos, said it counted as a sophisticated attack since it penetrated a trusted supplier.
"Piriform believes that these users are safe now as its investigation indicates it was able to disarm the threat before it was able to do any harm," said an Avast spokesperson.īut a Piriform spokesperson added: "We estimate that 2.27 million users had the affected software installed on 32-bit Windows machines."īut Cisco Talos says the malware could expose a wider security problem. However, the company that owns CCleaner, Avast Piriform, said the breach did not harm any of their customers. "By exploiting the trust relationship between software vendors and the users of their software, attackers can benefit from users' inherent trust in the files and web servers used to distribute updates," the blog post continued. What makes this attack unusual is that it comes from a legitimate version of a trusted app. "On September 13 2017, Cisco Talos immediately notified Avast of our findings so that they could initiate appropriate response activities," Cisco Talos said in a blog post.
0 kommentar(er)
