Too many companies have not adequately secured their software supply chain. The attack underscores advice stressed by many software-security professionals: The software development process needs to be better secured to stop potentially devastating attacks. “Once the attacker has all the certificates and all the keys and all the passwords, there is not a lot you can do.” “The fact of the matter is, when it comes down to supply chain attacks, if the attacker is in your build system already, you’ve lost,” Craig Williams, senior technical leader with Cisco’s Talos research group, told eWEEK. Underscoring the effectiveness of inserting code during development, only one of the 64 antivirus scanners run by VirusTotal detected the malicious behavior, in large part because the CCleaner binary had a legitimate digital signature, according to an investigation by enterprise-technology giant Cisco, which detected the attack before Avast’s Piriform publicly announced the incident. 12-more than 2.27 million users-effectively installed a backdoor onto their systems as well. On Monday, security-software firm Avast announced that its popular system-cleaning program CCleaner-developed by Piriform, a company acquired by Avast in July-had been compromised during development and infected users’ system with malicious code for almost a month.Īnyone who installed the then-current 32-bit Windows version of CCleaner and CCleaner Cloud between Aug. Avast has stated that the attacks will keep happening again and again and therefore, there is no chance that they will give up on the CCleaner.The software supply chain is increasingly under threat by attackers who seek to turn legitimate software programs into Trojan horses that can compromise millions of computers. As long as a company is among the top in the market, the hackers will keep coming. On the flip side, Avast has stated that the CCleaner is not facing anything that other tech giants are not. The huge userbase of the app is what makes it so special. You can find cloud-based management, remote management, email alerts and much more in CCleaner.ĬCleaner is one of the top apps in the market, which is the reason why it attracts such malware attacks. Also read: Facebook increases its bug bounty but how would it help the company?Įven though people are reporting negative traits of the CCleaner but are forgetting the number of features it has in it.As stated by high-tech companies, CCleaner is nothing but a state-magnet to the Chinese hackers. The only statement released by the company is that the attack might be from the same 2017 Chinese hackers.Īvast has been suggested by other tech-companies to retire CCleaner before it further causes any trouble for the company. Currently, Avast is working on finding more about the malware attack, however, there has been no update until now. The company stated that the hackers entered into the network through an employee’s VPN credentials of a temporary VPN profile, left unprotected by 2FA protection.Įven though the breach was real, but the hackers were not able to hit the new CCleaner update with malware. ![]() ![]() Now, coming to the 2019 hack, the hackers have now tried to enter into the Avast network. The hackers were finding ways to enter into the computers of high-tech computers that would leave for a second more powerful malware attack.Īfter Avast acquired CCleaner, they released a report stating that over 2.27 million users were affected by the first-stage Floxif Trojan, however, only 40 computers were affected by the second malware attack. ![]() The new update of CCleaner was tainted with the malware and the malware was known as Floxif. The attack was done by the Chinese state-sponsored hackers who used a TeamViewer account to get into the CCleaner distribution servers. This Windows app first came with the sole feature of “register cleaning”, however, soon it becomes one of the top due to a number of features that were introduced in it with time.īefore the acquisition of CCleaner by Avast in 2017, the app was hit by a major hack. CCleaner is a Windows application, controlled by Piriform that was recently acquired by Avast in 2017.
0 Comments
Leave a Reply. |