Don't know if anyone here is using this, but if so, you may have a problem....... I've seen Avast on my new WIN10-equipped laptop, so I'm going to check when I get home.......
Hackers Hid Backdoor In CCleaner Security App With 2 Billion Downloads -- 2.3 Million Infected
Users of Avast-owned security application CCleaner for Windows have been advised to update their software immediately, after researchers discovered criminal hackers had installed a backdoor in the tool. The tainted application allows for download of further malware, be it ransomware or keyloggers, with fears millions are affected. According to Avast's own figures, 2.27 million ran the affected software, though the company said users should not panic.
The affected app, CCleaner, is a maintenance and file clean-up software run by a subsidiary of anti-virus giant Avast. It has 2 billion downloads and claims to be getting 5 million extra a week, making the threat particularly severe, researchers at Cisco Talos warned. Comparing it to the NotPetya ransomware outbreak, which spread after a Ukrainian accounting app was infected, the researchers discovered the threat on September 13 after CCleaner 5.33 caused Talos systems to flag malicious activity.
Further investigation found the CCleaner download server was hosting the backdoored app as far back as September 11. Talos warned in a blog Monday that the affected version was released on August 15, but on September 12 an untainted version 5.34 was released. For weeks then, the malware was spreading inside supposedly-legitimate security software.
The CCleaner app, designed to help users carry out good cyber hygiene, was itself infected.
The malware would send encrypted information about the infected computer - the name of the computer, installed software and running processes - back to the hackers' server. The hackers also used what's known as a domain generation algorithm (DGA); whenever the crooks' server went down, the DGA could create new domains to receive and send stolen data. Use of DGAs shows some sophistication on the part of the attackers.
Downplaying the threat?
CCleaner's owner, Avast-owned Piriform, has sought to ease concerns. Paul Yung, vice president of product at Piriform, wrote in a post Monday: "Based on further analysis, we found that the 5.33.6162 version of CCleaner and the 1.07.3191 version of CCleaner Cloud was illegally modified before it was released to the public, and we started an investigation process.
"The threat has now been resolved in the sense that the rogue server is down, other potential servers are out of the control of the attacker.
"Users of CCleaner Cloud version 1.07.3191 have received an automatic update. In other words, to the best of our knowledge, we were able to disarm the threat before it was able to do any harm."
Not all are convinced by the claims of Piriform, acquired by Avast in July. "I have a feeling they are downplaying it indeed," said Martijn Grooten, editor of security publication Virus Bulletin. Of the Piriform claim it had no evidence of much wrongdoing by the hacker, Grooten added: "As I read the Cisco blog, there was a backdoor that could have been used for other purposes.
"This is pretty severe. Of course, it may be that they really only stole ... 'non-sensitive data' ... but it could be useful in follow-up targeted attacks against specific users."
In its blog, Talos' researchers concluded: "This is a prime example of the extent that attackers are willing to go through in their attempt to distribute malware to organizations and individuals around the world. By exploiting the trust relationship between software vendors and the users of their software, attackers can benefit from users' inherent trust in the files and web servers used to distribute updates."
https://www.forbes.com/sites/thomasbrew ... d7150d316a
Post by kbot » 09-18-2017 05:50 AM
There you go man, keep as cool as you can. Face piles and piles of trials with smiles. It riles them to believe that you perceive the web they weave. And keep on thinking free. (Moody Blues)