Avast: corrupted CCleaner was downloaded 2.27 million times in September last year

peframe

Last September, security experts from Cisco Talos and Morphisec issued a nightmare disclosure: CCleaner, a well-known computer cleaning tool, was hacked for more than a month. Downloading software updates from the CCleaner parent company Avast (which is also a security company itself) will implant malware into the back door. According to preliminary estimates, about a million computers are known as digital supply chain attacks. At RSA Security Conference held in San Francisco on Tuesday, Avast executive vice president and chief technology officer Ondrej Vlcek said that according to the post-mortem investigation and analysis, there were 2.27 million downloads of the corrupted CCleaner this time.

On March 11 last year, the attacker successfully invaded the system of Piriform; in June of the same year, Avast acquired Piriform; in September of the same year, a major security crisis broke out. Vlcek said that after the incident, a quick response was taken, and after this incident, Avast learned his lesson and knew how to better protect users.

It is reported that after the hacking, remote management tools were embedded in CCleaner v5.33.6162 and CCleaner Cloud v1.07.3191, which would secretly connect unauthorized web pages in the background and download other software. Since the entire malicious string misappropriated CCleaner’s genuine digital signature, this download behavior does not cause any abnormal alarms, and the user is unaware of it.

In addition, hackers will try to steal the user’s native privacy information. Avast did not notice anomalies until September 12th. It released a clean CCleaner v5.34 on the day and upgraded CCleaner Cloud three days later. It is recommended that users of this software quickly upgrade to the latest version.

Source: wired