CCleaner, a popular junk cleaning tool, has been hacked. This means that about 20 million users worldwide have had their devices compromised by the attackers. All that by downloading it from the OFFICIAL website!

If you have downloaded CCleaner from August 15 until Septemthen you might want to be slightly worried because your machine has been compromised.

The attack is just another supply chain attack: Piriform (which, may I note, has recently been acquired by Avast) had its official download servers hacked and CCleaner’s installation files swapped with a malicious version built by unknown hackers.

Earlier this year, a similar attack was used to distribute the Petya ransomware. Back then, a Ukrainian company called MeDoc had its supply servers hacked, which installed the Petya malware on thousands of computers.

The malware was discovered by Cisco’s Talos Intelligence Group on September 13 and then quickly confirmed by both Piriform and Avast. Both the Windows 32-bit version v and CCleaner Cloud v were affected. So check your version number to see if you’re one of the unlucky users.

The malicious software collects all sorts of data and sends it to the attacker’s Command and Control (C&C) servers.

“All of the collected information was encrypted and encoded by base64 with a custom alphabet. The encoded information was subsequently submitted to an external IP address .x (this address was hardcoded in the payload, and we have intentionally masked its last two octets here) via a HTTPS POST request.” – Paul Yung, V.P.