Who can you trust? Malware in your anti-malware.


CCleaner, an anti-malware program used by over 2 million users, had been Trojanized (compromised) by hackers to deliver malware. You can't make this stuff up. The very tools you use to help prevent or clean up malware can also be compromised, resulting in the spread of malware. "Piriform, now owned by security firm Avast, says that its download servers were compromised at some point between August 15, when it released version v5.33.6162 of the software." Cisco Talos researchers determined that the software was used to target tech firms for trade secrets. The lesson here is trust no one. Constant vigilance is needed to fend off hackers. I have to hand it to the hackers: this was a very clever compromise.

References

Guardian (UK) "CCleaner: 2 Million Users Install Anti-Malware Program That Contains Malware" by Alex Hern 19 SEP 2017: https://www.theguardian.com/technology/2017/sep/19/ccleaner-2m-users-install-anti-malware-program-security-avast-supply-chain-attack-hack

Avast Statement: https://blog.avast.com/additional-information-regarding-the-recent-ccleaner-apt-security-incident

PC MAG, "CCleaner Hackers Targeted Top Tech Firms' Trade Secrets. The hackers specifically targeted at least 20 high-profile tech firms, which were 'served specialized secondary [Stage 2] payloads,' according to Cisco Talos researchers." By Angela Moscaritolo, 21 SEP 2017: https://www.pcmag.com/news/356361/ccleaner-hackers-were-after-high-profile-tech-firms-trade-s

ISMG, "Trojanized Avast CCleaner Attack Targeted Major Tech Firms, Supply Chain Attack May Have Backdoored Hundreds of High-Profile Targets," By Mathew J. Schwartz, 22 SEP 2017: https://www.govinfosecurity.com/trojanized-avast-ccleaner-attack-targeted-major-tech-firms-a-10328

ISMG, "Trojanized CCleaner Investigation: Lucky Break, Backup Server Reveals Secondary Malware Hit Intel, VMware, Fujitsu and Others" By Jeremy Kirk, 26 SEP 2017: https://www.govinfosecurity.com/trojanized-ccleaner-investigation-lucky-break-a-10332

#Cybersecurity #Antimalware #Antivirus #DataBreach #TradeSecrets

© 2021 by Donald E. Hester
