Cisco Talos researchers said, “It is likely that an external attacker compromised a portion of their development or build environment and leveraged that access to insert malware into the CCleaner build that was released and hosted by the organization. It is also possible that an insider with access to either the development or build environments within the organization intentionally included the malicious code or could have had an account (or similar) compromised which allowed an attacker to include the code.”

Piriform confirmed the attack, saying Avast “determined on the 12th of September that the 32-bit version of our CCleaner v and CCleaner Cloud v products, which may have been used by up to 3% of our users, had been compromised in a sophisticated manner.” A non-backdoored version of CCleaner was released the same day.

As for the compromised cloud version, CCleaner Cloud v, which was released on Aug. 24, the company released a non-malware tainted version on Sept.

Piriform said, “It would have been an impediment to the law enforcement agency’s investigation to have gone public with this before the server was disabled and we completed our initial assessment.”

An estimated 2.27 million systems installed the infected CCleaner

Although Avast doesn’t want users to panic, it admitted to Forbes that an estimated 2.27 million systems installed the backdoored versions.

Cisco Talos said, “The impact of this attack could be severe given the extremely high number of systems possibly affected.” Piriform previously claimed that there have been 2 billion total CCleaner downloads with an additional 5 million weekly installs. If even a small fraction of those systems were compromised, an attacker could use them for any number of malicious purposes.

Affected systems need to be restored to a state before August 15, 2017, or reinstalled. Users should also update to the latest available version of CCleaner to avoid infection. At the time of this writing that is version 5.34. The freebie version won’t automatically update to a version without a backdoor. If you installed it, then go grab a clean version of CCleaner now if you intend to keep using the software.

CCleaner has been popular for years, trusted by tech-savvy users. Taking advantage of that trust is partially why this attack is so distressing. That and you don’t expect an antivirus firm to infect you with malware.

This is a prime example of the extent that attackers are willing to go through in their attempt to distribute malware to organizations and individuals around the world. By exploiting the trust relationship between software vendors and the users of their software, attackers can benefit from users' inherent trust in the files and web servers used to distribute updates.

Piriform says it first detected a problem on September 12, when it noticed an unknown IP address receiving data from software found in recent versions of the software. After investigating further, it determined these versions were modified illicitly before their release to users.

How many people are at risk?

Avast, the multinational cybersecurity firm that recently bought Piriform, says it believes the compromised software was installed on 2.27 million machines. “We believe that these users are safe now as our investigation indicates we were able to disarm the threat before it was able to do any harm,” the company said in a press statement. “There is no indication or evidence that any additional ‘malware’ has been delivered through the backdoor,” it added.

Am I at risk from malware?

Anyone specifically using the 32-bit Windows version of CCleaner is at risk.