![]() Specifically, the affected versions are v and CCleaner Cloud v z9 (32 bit versions). Piriform's news release and technical blog post did not mention Cisco or its partner Morphisec, instead crediting Avast with discovering the still-unexplained compromise.Īfter the controlling Web addresses were seized, Cisco saw 200 000 attempts to connect to them.Please be advised that CCleaner, a Windows utility used to remove cookies, wipe browsing histories, and clean temporary internet files has been compromised. It said the server was closed down on 15 September, "before any known harm was done".Īvast said little about the breach, posting nothing on its Twitter account in the 12 hours after the announcement, and displaying nothing on its main Web page. Piriform said in a news release it had worked with US law enforcement to shut down a server located in the US to which traffic was set to be directed. Williams said Talos detected the issue at an early stage, when the hackers appeared to be collecting information from infected machines, rather than forcing them to install new programs. ![]() He also recommended running an antivirus scan. The nature of the attack code suggests the hacker won access to a machine used to create CCleaner, Williams said.ĬCleaner does not update automatically, so those who installed the problematic version will need to delete it and install a fresh version, he said. Only the cloud version could be updated automatically to remove the bad code. A new, uncompromised version of CCleaner was released the same day and a clean version of CCleaner Cloud was released on 15 September, it said. Piriform said Avast, its new parent company, had uncovered the attacks on 12 September. A spokeswoman said 2.27 million users had downloaded the August version of CCleaner, while only 5 000 users had installed the compromised version of CCleaner Cloud. It advised users of CCleaner v and CCleaner Cloud v to download new versions. In a blog post, Piriform confirmed that two programs released in August were compromised. "There is nothing a user could have noticed," Williams said, noting the optimisation software had a proper digital certificate, which means other computers automatically trust the program. Talos researcher Craig Williams said it was a sophisticated attack because it penetrated an established and trusted supplier in a manner similar to June's "NotPetya" attack on companies that downloaded infected Ukrainian accounting software. At the time of the acquisition, the company said 130 million people used CCleaner.Ī version of CCleaner downloaded in August and September included remote administration tools that tried to connect to several unregistered Web pages, presumably to download additional unauthorised programs, security researchers at Cisco's Talos unit said. ![]() The malicious program was slipped into legitimate software called CCleaner, which cleans up junk programs and advertising cookies to speed up devices.ĬCleaner is the main product made by London's Piriform, which was bought in July by Prague-based Avast, one of the world's largest computer security vendors. This came after security researchers at Cisco Systems and Morphisec alerted Piriform's parent Avast Software of the hack last week. Piriform said it worked with law enforcement and cut off communication to the servers before any malicious commands were detected. More than 2 million people downloaded tainted versions of Piriform's program, which then directed the computers to get instructions from servers under the hacker's control, Piriform said. Hackers broke into British company Piriform's free software that optimises computer performance last month, potentially allowing them to control the devices of millions of users, the company and independent researchers said on Monday. More than 2 million people downloaded tainted versions of Piriform's program, says the British company.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |