Author Topic: Hackers Breach Avast Antivirus Network, CCleaner Apparent Target  (Read 645 times)

0 Members and 1 Guest are viewing this topic.

Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 20207
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
This explains the automatic CCleaner update as posted here.  From Hackers Breach Avast Antivirus Network Through Insecure VPN Profile:
Hackers accessed the internal network of Czech cybersecurity company Avast, likely aiming for a supply chain attack targeting CCleaner. Detected on September 25, intrusion attempts started since May 14.

Suspecting CCleaner as the targeted asset, Avast on September 25 stopped the upcoming updates for the software and started to check prior releases for malicious modification.

To ensure that no risk comes to its users, the company re-signed an official CCleaner release and pushed it as an automatic update on October 15. That release updated users still on version 5.57 to version 5.62 of the product so they could benefit from "its enhanced security and improved performance."

Furthermore, the old certificate was revoked, says in a statement today Jaya Baloo, Avast Chief Information Security Officer (CISO).

Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline winchester73

  • Half a bubble off plumb
  • Administrator
  • Hero Member
  • *****
  • Posts: 7332
  • Liverpool FC - YNWA
    • View Profile
Re: Hackers Breach Avast Antivirus Network, CCleaner Apparent Target
« Reply #1 on: October 21, 2019, 01:16:04 PM »
More info here at the Avast blog:

(With acknowledgement to ky331)
Speak softly, but carry a big Winchester ... Winchester Arms Collectors Association member