CALL US

+91 8219776763

CyberNews Alert: Popular CCleaner utility detected a backdoor

The popular CCleaner utility detected a backdoor

By Prempal Singh 0 Comment September 23, 2017

CCleaner detected a backdoor that infected about 2.3 million devices.

Security researchers from Cisco Talos discover edmalicious code in the popular utility CCleaner from Avast.Backdoor allows attackers to download additional malicious software, for example, extortion programs or keyloggers.According to preliminary estimates by Avast, the compromised version of CCleaner was downloaded 2.27 million times.

As further research showed, the compromised versions of CCleaner 5.33 and CCleaner Cloud 1.07.3191 were downloaded to the CCleaner server at least September 11th.According to the researchers, they were modified before they became available to the general public.

The malware collected, encrypted, and sent information about the computer name, installed software, and running processes to the attacker’s server.The hackers used the Domain Generation Algorithm (DGA) algorithm to create new domains and then transfer the stolen data in the event that the malicious server goes down.Using DGA can talk about the professionalism of hackers, experts noted Cisco Talos.

According to the developers of the SSleaner utility, Piriform, the server from which the infected version was distributed has already been disabled.Users of cloud service CCleaner Cloud received the update automatically, the rest of users are recommended to update their software as soon as possible.As Avrade’s chief operating officer Ondrej Vlcek said, the company is not going to downplay the scale of the infection.2.27 million devices are very many, he noted, but there is no reason for panic, since malware was detected earlier than its payload had been activated.CCleaner is a utility for cleaning and optimizing the hard disk.As of November 2016, it was downloaded 2 billion times and every week the number of downloads increases by another 5 million. The developer of the utility is Piriform, which in 2017 was acquired by Avast Software.

error: Content is protected by Cyberops !!