By exploiting the trust relationship between software vendors and the users of their software, attackers can benefit from users' inherent trust in the files and web servers used to distribute updates. This is a prime example of the extent that attackers are willing to go through in their attempt to distribute malware to organizations and individuals around the world. That and you don’t expect an antivirus firm to infect you with malware. Taking advantage of that trust is partially why this attack is so distressing. If you installed it, then go grab a clean version of CCleaner now if you intend to keep using the software.

CCleaner has been popular for years, trusted by tech-savvy users. The freebie version won’t automatically update to a version without a backdoor. At the time of this writing that is version 5.34. Users should also update to the latest available version of CCleaner to avoid infection. Affected systems need to be restored to a state before August 15, 2017, or reinstalled. If even a small fraction of those systems were compromised, an attacker could use them for any number of malicious purposes.
Cisco Talos said, “The impact of this attack could be severe given the extremely high number of systems possibly affected.” Piriform previously claimed that there have been 2 billion total CCleaner downloads with an additional 5 million weekly installs. Piriform said, “It would have been an impediment to the law enforcement agency’s investigation to have gone public with this before the server was disabled and we completed our initial assessment.”

An estimated 2.27 million systems installed the infected CCleaner

Although Avast doesn’t want users to panic, it admitted to Forbes that an estimated 2.27 million systems installed the backdoored versions. Piriform confirmed the attack, saying Avast “determined on the 12th of September that the 32-bit version of our CCleaner v and CCleaner Cloud v products, which may have been used by up to 3% of our users, had been compromised in a sophisticated manner.” A non-backdoored version of CCleaner was released the same day.

As for the compromised cloud version, CCleaner Cloud v, which was released on Aug. 24, the company released a non-malware tainted version on Sept.

Cisco Talos researchers said, “It is likely that an external attacker compromised a portion of their development or build environment and leveraged that access to insert malware into the CCleaner build that was released and hosted by the organization. It is also possible that an insider with access to either the development or build environments within the organization intentionally included the malicious code or could have had an account (or similar) compromised which allowed an attacker to include the code.”