Hundreds of thousands of computers getting penetrated by a corrupted version of an ultra-common piece of security software was never going to end well. But now it's becoming clear exactly how bad the results of the recent CCleaner malware outbreak may be. Researchers now believe that the hackers behind it were bent not only on mass infections, but on targeted espionage that tried to gain access to the networks of at least 18 tech firms.

Earlier this week, security firms Morphisec and Cisco revealed that CCleaner, a piece of security software distributed by Czech company Avast, had been hijacked by hackers and loaded with a backdoor that evaded the company's security checks. It wound up installed on more than 700,000 computers. On Wednesday, researchers at Cisco's Talos security division revealed that they've now analyzed the hackers' "command-and-control" server to which those malicious versions of CCleaner connected.

On that server, they found evidence that the hackers had attempted to filter their collection of backdoored victim machines to find computers inside the networks of 18 tech firms, including Intel, Google, Microsoft, Akamai, Samsung, Sony, VMware, HTC, Linksys, D-Link and Cisco itself. In about half of those cases, says Talos research manager Craig Williams, the hackers successfully found a machine they'd compromised within the company's network, and used their backdoor to infect it with another piece of malware intended to serve as a deeper foothold, one that Cisco now believes was likely intended for industrial espionage.

"When we found this initially, we knew it had infected a lot of companies," says Williams. "Now we know this was being used as a dragnet to target these worldwide, to get footholds in companies that have valuable things to steal, including Cisco unfortunately."

The Petya Plague Exposes the Threat of Evil Software Updates

Security firm Kaspersky says the ransomware was the third attack in the last year that hijacked innocent updates to spread malware.

Williams also notes the target list Cisco found likely isn't comprehensive; it appears to have been "trimmed," he says. It may have included evidence of other targets, successfully breached or not, that the hackers had sought to infect with their secondary payload earlier in the month-long period when the corrupted version of CCleaner was being distributed. "It’s very likely they modified this through the monthlong campaign, and it’s almost certain that they changed the list around as they progressed and probably targeted even more companies," says Williams.

In an update post Thursday morning, Avast backed Cisco's findings, and confirmed that eight of the 18 known target companies had been breached by the hackers.