Ccleaner hack fix software#
"In many organisations data received from commonly software vendors rarely receives the same level of scrutiny as that which is applied to what is perceived as untrusted sources." "By exploiting the trust relationship between software vendors and the users of their software, attackers can benefit from users' inherent trust in the files and web servers used to distribute updates," the Talos team wrote. Worryingly, it appears to be part of a growing trend.
Accounting firm MeDoc unknowingly disseminated the malware through an automatic software update. When the Petya/NotPetya malware infected computers across Ukraine and the world in July, it was spread by an infected piece of software.
Ccleaner hack fix code#
While the spread of malware is common, the compromise of CCleaner is the second prominent incident this year where malicious code has been distributed by a legitimate-looking software update. "We disclosed everything that happened in a blog when we were cleared to do so," Steckler wrote. They fixed the problem - its stated over and over again that hackers added in this malware code into CCleaner. He added the CCleaner server was taken down before "harm was done to customers" and that the firm had worked with law enforcement officials to try and identify the source of the attack. Steckler said Avast had solved the problem "within approximately 72 hours of discovery". In a follow-up blog post Avast CEO Vince Steckler said people were interested in the CCleaner problems due to the publicity of the Equifax data breach. It also said it "disarmed the threat before it was able to do any harm". Overall the company believes that 2.27 million users had installed the affected version of the software on 32-bit Windows machines. If that version is before version, then you are not affected, and you should manually download the latest version now. "At this stage, we don’t want to speculate how the unauthorised code appeared in the CCleaner software, where the attack originated from, how long it was being prepared and who stood behind it," Piriform wrote on its blog. The hackers were apparently launching a targeted attack, looking for a few needles in the massive haystack of 2.27 million 'successful' malicious downloads. Open CCleaner and look in the top-left corner of the window-you should see a version number under the program name.
0 kommentar(er)
