Personal users can download CCleaner 5.34 from Avast’s website if they haven’t already done so. Cisco Talos suspects the attackers planned to use the malware to conduct industrial espionage. “Given that the logs were only collected for little over three days, the actual number of computers that received the 2nd stage payload was likely at least in the order of hundreds,” Avast says.Ĭisco Talos also studied the malware’s command server and reports that it was attempting to infiltrate PCs in technology organizations, including Intel, Samsung, HTC, VMWare, Cisco itself, and others. Update: On September 21, Avast revealed that the malware was designed to deliver a second-stage payload to infected computers in specific organizations, and at least 20 machines across eight companies contacted the command and control server.
#CCLEANER MALWARE 2021 CODE#
The intent of the attack is unclear at this time, though Avast says the code was able to collect information about the local system. Most reassuringly, Yung states that Avast was seemingly able to disarm the threat before it was able to do any harm. Additionally, the company is moving all users to the latest version of the software, which is already available on the company’s website (though the release notes only mention “minor big fixes.”) He also says Piriform has shut down the hackers’ access to other servers. Yung assures customers that the threat has been resolved and the “rogue server” has been taken down. 13, Cisco Talos found that the official download of the free versions of CCleaner 5.33 and CCleaner Cloud also contained “a malicious payload that featured a Domain Generation Algorithm as well as hardcoded Command and Control functionality.” What that means is that a hacker infiltrated Avast Piriform’s official build somewhere in the development process build to plant malware designed to steal users’ data.
21 with details about the malware targeting specific technology companies for industrial espionage. In an in-depth probe of the popular optimization and scrubbing software, Cisco Talos has discovered a malicious bit of code injected by hackers that could have affected more than 2 million users who downloaded the most recent update.Įditor’s note: This article was first published on September 18, 2017, but was updated on Sept.
#CCLEANER MALWARE 2021 SOFTWARE#
“Piriform believes that these users are safe now as its investigation indicates it was able to disarm the threat before it was able to do any harm,” says an Avast spokesperson.It seems that CCleaner, one of PCWorld’s recommendations for the best free software for new PCs, might not have been keeping your PC so clean after all. 2.27 million users have been affected by the attack, and Avast Piriform believes it was able to prevent the breach harming customers. Dubbed “crap cleaner,” it’s designed to wipe out cookies and offer some web privacy protections. “For a period of time, the legitimate signed version of CCleaner 5.33 being distributed by Avast also contained a multi-stage malware payload that rode on top of the installation of CCleaner,” says the Talos team.ĬCleaner has been downloaded more than 2 billion times according to Avast, making it a popular target for hackers. Security researchers at Cisco Talos discovered that download servers used by Avast (the company that owns CCleaner) were compromised to distribute malware inside CCleaner. Hackers have successfully breached CCleaner’s security to inject malware into the app and distribute it to millions of users.
0 kommentar(er)
