Piriform, the company behind CCleaner, posted a blog today which explains the technical details of the hack.
The malware also used valid digital signatures to further mask its malicious intent. The hack was able to collect information such as the name of the computer, list of installed software and windows updates, list of running processes, MAC addresses of the first three network adapters, as well as whether the process was running with administrative privileges and whether it is a 64-bit system. On September 12, the official 5.34 version was release.
#CCLEANER ATTACK UPDATE#
In this case, the software's update servers were compromised to deliver malware to victims and Piriform was hosting the malicious software itself.Īnyone who updated to CCleaner 5.3.3 between August 15 and September 11 is at risk of the hack. The hack called a ‘supply chain attack', banks on the trust relationship between supplier and customer. Popular ‘junk' wiper and maintenance software CCleaner has been subject to a hack that could potentially affect billions of users worldwide, according to security firm Talos.
0 kommentar(er)
