![]() However, the researchers still can't say for certain whether this particular attack was perpetrated by Group 72. They even found some code associated with known hacking team Group 72 or Axiom, which is believed to be a Chinese government operation. They believe it was created for industrial espionage, a way to steal valuable secrets from some of the world's biggest tech giants. ![]() CCleaner, a system-optimization tool with more than 2 billion downloads worldwide, is. Technology: Instead of waiting for vendors to post signature files for new hacker attacks and cleaning up after virus attacks, Sherman and network engineer. Now that the team has discovered the malware's true nature, they don't think it was deployed simply to install keyloggers or ransomware on random people's computers. 21 with news that malware injection seems to have been for purposes of industrial espionage. That doesn't mean 10 out of the 20 fell victim to the malware, though: some of the tech giants got infected twice, while others weren't affected at all. ![]() While they didn't reveal which corporations got infected, they said 50 percent of the hackers' attempts at installing the secondary malware was successful. The original malware was merely used to deliver a second malware, which can insert itself deeper into the system.Īccording to the Talos researchers, the info they got from their source included evidence that the hackers looked through their database of hacked machines to find PCs connected to those companies' networks. Based on the data they got from someone involved in the CCleaner investigation, the Talos researchers have discovered that the attackers' main goal was to infect computers inside those companies' networks. According to Cisco's Talos security division, it had specific targets: at least 20 tech titans, including Google, Samsung, Microsoft, Sony, HTC, Linksys, D-Link, and Cisco itself. Lastly, regarding the new trend to assault WordPress, Joomla, JBoss Servers, companies need to take the cyber security much more seriously.The malware that hackers inserted into legit downloads of popular PC-cleaning software CCleaner wasn't harmless after all. Nonetheless, taking into account this elaborate malware distribution network, it is advised to scan the system in Safe Mode for backdoors and other possibly downloaded malware or even restore the system image from backups. Is there anything more irritating than a hacker trying to get whatever they can for their own malicious reasons The CCleaner hack is a very real problem. Users are urged to update to 5.34 version. New approach on cyber securityĪfter the corrupted version has been identified, CCleaner owners removed the virus from the download service. However, such assumptions still need more evidence., Talos Cisco specialists also reviewed the findings of Kaspersky Lab specialists who suggested that the malware code resembled the ones created by Group 72 hacker group. Interestingly, the technical specifications of the malware contain some elements which refer to the Peoples’ Republic of China time zone. Further analysis of Cisco Talos reveals the main targets of the virus. More than 2 billion users around the world have downloaded the Piriform CCleaner tool to help remove unwanted files and keep their systems secure. Depending on the OS, the malware dropped TSMSISrv.dll or EFACli64.dll. While the initial version attacked only 32-bit systems, the improved version attempted to assault 64-bit OS as well. After the discovery of the malware, its second payload was launched by the perpetrators. Users of the popular CCleaner program by Piriform are being advised to update the application after researchers at Cisco's Talos division discovered hackers had hidden malware inside. Warning: CCleaner Hacked to Distribute Malware Over 2.3 Million Users Infected The Hacker News reported that CCleaner has been backdoored in a supply. While more than 2 million ordinary users were said to have downloaded the backdoor, the developers took on a bigger challenge. What is more, the malware managed to postpone its activity for 601 seconds which again contributed to the evasion of detection. ![]() Thus, even cautious users failed to sense anything suspicious as the corrupted version included the name of the official, Piriform, publisher. The main culprit – Floxif malware – counterfeited the digital certificate of the application which granted it the label of a legitimate version. In case you have not updated the software from 5.33 to 5.34 version, do it now. Though the malware capabilities of spying on users data and data collection have been identified in the beginning, it seems that the initial target was a much bigger prey. Luckily, the deviation in usual behavior of eliminating malware was noticed by Cisco Talos experts. The real motive of Floxif virus delivered with CCleaner v5.33Ī couple of days ago, IT experts have made an astonishing discovery – CCleaner 5.33 version was delivering malware.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |