10/29/2022

Ccleaner malware threat report
The change went unnoticed and Piriform signed the compiled software, putting the company’s stamp of approval on the compromised code.

As many as 2 million copies of that update were shipped and 700,000 computers may have been hit with the first stage of the attack.

Malicious software was inserted into an important Visual Studio runtime file that is bundled with the CCleaner application and that loads and runs on victim systems before the execution of the CCleaner software. The attackers who were behind the CCleaner attack compromised and modified the computers used to “build” the CCleaner application.

He said the Morphisec customers hit with the CCleaner attack were in industries like manufacturing, services and technology. Still, Morphisec’s investigation did not begin until three weeks after the infection, but quickly led to the discovery that CCleaner’s maker, Piriform (now owned by the security firm Avast), had been hacked.

[Figure: Detail from the second stage of the CCleaner attack.]

The customer asked Morphisec to explain why its software was blocking a legitimate application, leading to the discovery that the application had been compromised prior to distribution to hundreds of thousands of individuals and companies globally.

He said his firm became aware of the CCleaner attack only after a manufacturing firm located in Singapore that was a customer of Morphisec received a number of alerts that the firm’s software was blocking CCleaner from running.

Morphisec makes an endpoint protection technology that prevents in-memory attacks, which puts it at a disadvantage for identifying new malicious software, as its technology doesn’t rely on malicious code “signatures” to work.
He said he believed there were other so-called supply chain attacks like CCleaner, but declined to say whether his firm had uncovered evidence of other such attacks targeting its customers. “They’re very interesting events and when you go deeper they become more interesting,” he said.

While Gorelik declined to say whether they had found evidence that other, similar attacks had taken place, he said the initial findings of the investigation were “very interesting.” “We’re revalidating stuff that we caught within the last several months,” he said.

The firm that discovered the CCleaner attack thinks there may be other common applications that, like CCleaner, have been secretly compromised and used to gain access to corporate networks.

Engineers at the firm Morphisec are reviewing historical reports that were considered “false positives” to determine if any of those reports may have been evidence of compromises of other common applications, Chief Technology Officer Michael Gorelik told The Security Ledger.