Ccleaner malware 64 bit version
6/24/2023

If you're one of the millions of individuals who downloaded the CCleaner application on your computer between this past August 15th and September 12th, be warned: your computer was potentially infected by the CCleaner malware.

Cybersecurity experts from Cisco Talos, the threat intelligence group of Cisco, reported that unidentified hackers have successfully infiltrated the download servers of Avast that let users download the CCleaner app and replaced it with what they dubbed the CCleaner malware.

A part of the threat intelligence report that the Talos researchers published read:

“Talos recently observed a case where the download servers used by software vendor to distribute a legitimate software package were leveraged to deliver malware to unsuspecting victims. For a period of time, the legitimate signed version of CCleaner 5.33 being distributed by Avast also contained a multi-stage malware payload that rode on top of the installation of CCleaner.”

Avast, a company which focuses on developing antiviruses and other security applications for Microsoft Windows, macOS, Android, and iOS, owns CCleaner. CCleaner is an application that allows its users to conduct routine maintenance on their computer systems.

According to the website of Piriform, the creator of CCleaner, which Avast acquired in July of this year, the CCleaner application has over 2 billion downloads worldwide as of November 2016. The company also boasts that per month, the application can clean over 35 million GB of space, or about 7 billion selfies-worth of data.

Supply Chain Attacks

According to Talos, the CCleaner hack is another example of a supply chain attack.

“Supply chain attacks are a very effective way to distribute malicious software into target organizations. This is because with supply chain attacks, the attackers are relying on the trust relationship between a manufacturer or supplier and a customer. This trust relationship is then abused to attack organizations and individuals and may be performed for a number of different reasons.”

A similar kind of attack, the Nyetya attack, was staged earlier this year and affected many organizations inside of Ukraine and multinational corporations operating in the said country. Further investigations into the case led the Talos researchers to a “supply chain-focused attack at M.E.Doc software that delivered a destructive payload disguised as ransomware.” Reports from Ukraine Cyber police confirmed that the effects of the supply chain attack were broad-reaching and compromised over 2000 companies in Ukraine alone.

Threat analysts from Talos reported that the CCleaner malware was just detected last September 13th.

“On September 13th, 2017, while conducting customer beta testing of our new exploit detection technology, Cisco Talos identified a specific executable which was triggering our advanced malware protection systems,” says Talos.

Closer inspection of the said malicious executable led the security experts to an installer for CCleaner v5.33. The installer was said to be delivered to endpoints by legitimate download servers. The malicious version of the application was said to contain a multi-stage malware payload that steals data from compromised computer systems and sends it back to the remote command-and-control servers of the hackers.

[Image: CCleaner V5.33 carrying the CCleaner Malware | Talos]