Daily Management Review

Hackers used infected versions of Piriform’s CC Cleaner to gain corporate secrets


09/22/2017


Users of CC Cleaner are advised to re-download the clean version of the app from Piriform’s website.



According to the research conducted by Cisco Systems that was released on Wednesday, the hackers who penetrated Piriform in August, had also tried to infect systems at Intel, Microsoft and other top tech companies.

This suggest that the hack was far more dangerous than was previously estimated.

Having breached Piriform’s systems, hackers were able to infect the company’s widely used utility, Ccleaner, said Prague-based Avast Software.

In a blog post this week, Piriform and its parent Avast had said no damage had been detected so far, although more than 2 million people had installed infected versions of its utility – Ccleaner.

Even though the infected versions allowed the hackers remote communications, Avast said no alarm was warranted since it had cooperated with researchers and law enforcement agencies and had taken control of the command sites, early in the attack.

Despite, researches at Cisco said, as per a control server that was seized by U.S. law enforcement, hackers had installed additional malicious software on at least 20 other computers.

It is yet unclear these computers are housed in which company. The list of networks that hackers had gone after include Cisco, Sony, Samsung and Akamai.

“It’s like the bad guys cast a net and caught all the fish, but only wanted to infect the machines that were most interesting,” said researcher Craig Williams of Cisco’s Talos unit.

As per Williams, the hackers could have used CC CCleaner installations to steal technology secrets from companies.

The more troubling news is that the hackers may have been looking to plant malware into those companies’ products, which are typically used by high-value targets in government and business around the world.

As per Ondrej Vlcek, Avast’s Chief Technology Officer, “a very small minority of the endpoints” had received subsequent infections. Avast has been contacting the affected firms quietly.

“We don’t believe in going public with any of this stuff while investigation is still ongoing,” he said. “We know that this is also the preference of the law enforcement personnel.” 

Computer security companies, including Cisco, Kaspersky Lab, and others have said the hacking attack had reused code that was previously seen in hacks connected to Chinese authorities.

Since the code could have been stolen, researchers are yet to identify the country from which the hackers originated.



Source:

https://www.reuters.com

:

https://www.reuters.com


 








Science & Technology

Live Facial Recognition Cameras Will Be Used By London Police

Driverless Vehicle For Its Ride-Sharing Service Unveiled By GM’s Cruise

Amazon will allow customers to pay with palms instead of cards

Complete Computer System For Self Driving Cars Launched By Qualcomm

In A Lifetime We Could Accumulate 20Kg Micro-Plastic In Our Body

Creator Of The First 'Gene-Edited' Babies Of The World Gets 3 Year Jail Term In China

China to deploy giant Beidou global navigation system in 2020

VW Zwickau factory is getting ready for electric cars production

Airbus: Passenger hybrid aircraft to take off before 2035

Ocado To Introduce ‘Mini Robotic Warehouse’ With Standard Productivity

World Politics

World & Politics

French tour operators will stop sending tourists to China until February 21

US Will Not Give Visas To Pregnant Women To Prevent Organized 'Birth Tourism'

Heads of the European Council and European Commission sign Brexit agreement

UK adds Greenpeace, PETA to extremist organizations list

Indonesia, UAE sign nearly $23B deal

US to respond to Iran’s attacks on US bases in Iraq

Irish Passport issues hit record in anticipation of Brexit

Reporters Without Borders calls to release Julian Assange