Follow Us on Telegram For Up To Date Tech News and Reviews

News

Consumer Security Alert: Cisco Discovers Breach of Consumer Application, CCleaner

cisco

Cisco’s industry leading cybersecurity research team, Cisco Talos, today is alerting consumers and businesses to a major cybersecurity incident that could affect millions of users worldwide.

WHAT HAPPENED

Attackers hijacked and hid malware inside Avast’s CCleaner application was which was available for download between August 15 – September 12, 2017. Anyone who downloaded the 5.33 version product or updated their existing product during this timeframe became infected.

On September 13, 2017, Cisco Talos notified Avast so that they could begin corrective action. At this time the version containing the malware has been removed and is no longer available for download. However, many consumers remain at risk – and will remain at risk even after updating their CCleaner software.

CONSUMER IMPACT

Billing itself the “world’s most popular PC cleaner and optimization tool,” Avast’s CCleaner is trusted by consumers to speed up PC and smartphone performance by removing unneeded/necessary files. As recently as November 2016, CCleaner boasted 2 billion downloads with a growth rate of 5 million users per week.

Once the malware was installed, attackers could potentially gain access to the user’s computer and other connected systems to steal sensitive personal data and/or credentials that could be used for online banking or other online activities.

Like the Nyetya malware in late June, in this instance attackers hacked into a legitimate, trusted application and turned it malicious. These types of attacks are often successful because consumers trust that these well-known and broadly-used applications are safe. Criminals are exploiting that trust.

WHAT TO DO

Because the malware remains present, even after users update the CCleaner software, Talos advises all users to wipe their entire computer — remove and reinstall everything on the machine — and to restore files and data from a pre- August 15, 2017 backup, before the current version would have been installed.

It is critical to remove this version of the CCleaner software and associated malware, since it’s structure means it has the ability to hide on the user’s system and call out to check for new malware updates for up to a year.

About author

Editor at TechArena. I cover all things technology and review new gadgets as I get them. You can reach me on email: kaluka@techarena.co.ke
Related posts
GadgetsNews

What Makes The Samsung Soundbars Tick?

AppsGadgetsNews

Samsung S24 Live Translate Makes Every User A Multilingual

News

Lisk & CV Labs Africa Launch Blockchain Incubation Hub Supported by VCs

News

New Digital Trade Hub to boost Zambian businesses online