2/19/2023 0 Comments Ccleaner cloud yearly subscriptionJustin Kallhoff, CEO of Infogressive, a Lincoln, Neb.-based cybersecurity specialist, said leveraging popular freeware programs with a large distribution footprint is unfortunately a "really good strategy for hackers." By doing that, he said they can distribute their malware with a more efficient use of time and effort. The blog post also noted that anti-virus detection of the malicious software "remains very low," saying it was detected only one out of 64 times at the time of the blog post publication. Attackers have shown that they are willing to leverage this trust to distribute malware while remaining undetected," the blog post said. In many organizations data received from commonly software vendors rarely receives the same level of scrutiny as that which is applied to what is perceived as untrusted sources. By exploiting the trust relationship between software vendors and the users of their software, attackers can benefit from users' inherent trust in the files and web servers used to distribute updates. "This is a prime example of the extent that attackers are willing to go through in their attempt to distribute malware to organizations and individuals around the world. It said this attack is particularly concerning given the wide distribution of CCleaner, which Avast said had 2 billion total downloads as of November 2016. In the Cisco Talos blog post, researchers said the discovery highlights the danger of supply chain attacks, which use legitimate software to distribute malware. We encourage any user of the 32-bit version of CCleaner v to download the latest version of Piriform CCleaner found," he said. "We sincerely apologize for this and are committed to making sure nothing similar happens again. Also, a simple software update does remove the software that was affected and other claims that a full restore is required are false," Vlcek said. "We believe that these users are safe now as our investigation indicates we were able to disarm the threat before it was able to do any harm. The company created a blog post to keep users up-to-date with the investigation and more technical details of the issue. He said the company has since remedied the issue for those users. Vlcek countered Cisco’s claims about the extent of the hack’s impact, saying the company estimated 2.27 million users were initially affected. law enforcement in their investigation," Vlcek said. "We are continuing to investigate how this compromise happened, who did it, and why. 14, at which point he said "our investigation as underway." He said Cisco did not notify Avast of the issues until Sept. 12, when it detected suspicious activity and "immediately started an investigation process," including contacting law enforcement. Vlcek said the company has fully resolved the issue and "believe no harm was done to any of the CCleaner users." He said the company started an investigation on Sept. He said, "no other Piriform or Avast products were affected." In an email statement to CRN, Avast EVP and CTO Ondrej Vlcek said the update only affected older versions of the company’s Piriform CCleaner software, including Piriform CCleaner v and CCleaner Cloud v. It recommended users running older versions of the software manually update their software to the latest version, which currently is version 5.34. The free version of the CCleaner software does not update automatically, the blog post said. The affected version is no longer available for download on the CCleaner site. 11, after which a new version of the software was released (version 5.34). The report said the malicious version was hosted on the servers for download as recently as Sept. Researchers at Cisco Talos, who discovered the hack, said in a blog post that the attack used the download servers to distribute a multistage malware payload alongside the installation of some versions of the CCleaner software.Ĭisco Talos said the attack affected CCleaner version 5.33, which was launched Aug. CCleaner, an application distributed by security company Avast that helps users perform routine maintenance on systems, has been compromised, according to a report Monday, allowing hackers to distribute a malware payload through the legitimate software.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |