The popular system cleaning app, CCleaner was compromised by currently unknown hackers for over a month in what is known as a supply chain attack. In this time period, the app was used to deliver malware to the computers of unsuspecting PC users who would install the app and infect their PCs in the process
This infiltration was discovered by the security research firm Talos Intelligence, who notified Avast (the owners of Piriform) once they understood the scope of the attack.”Talos recently observed a case where the download servers used by software vendor to distribute a legitimate software package were leveraged to deliver malware to unsuspecting victims.” Talos researchers explained in a blog post, “For a period of time, the legitimate signed version of CCleaner 5.33 being distributed by Avast also contained a multi-stage malware payload that rode on top of the installation of CCleaner. CCleaner boasted over 2 billion total downloads by November of 2016 with a growth rate of 5 million additional users per week.”
The malware could have been – in theory – used to convert users computers into botnets, and be used to perform direct denial of service (DDOS) attacks on people. In a statement obtained by The Verge, an Avast spokesperson clarified that “Piriform believes that these users are safe now as its investigation indicates it was able to disarm the threat before it was able to do any harm”
The attack, while it was ongoing, only affected 32bit Windows systems (Update: 2.27 million users made use of this infected version). It has since been patched.
نویسنده : محمد رضا جوادیان بازدید : 12 تاريخ : سه
1396 ساعت: 8:10