The CCleaner Malware Fiasco Targeted at Least 20 Specific Tech Firms - [security]
12:02 PM EDT - Sep,21 2017 - post a comment Researchers believe that the hackers behind the CCleaner malware were bent not only on mass infections, but on targeted espionage that tried to gain access to the networks of Intel, Google, Microsoft, and other tech titans. Some have linked the hack to cyberespionage group APT17, also known as DeputyDog.
arlier this week, security firms Morphisec and Cisco revealed that CCleaner, a piece of security software distributed by Czech company Avast, had been hijacked by hackers and loaded with a backdoor that evaded the company's security checks. It wound up installed on more than 700,000 computers. On Wednesday, researchers at Cisco's Talos security division revealed that they've now analyzed the hackers' "command-and-control" server to which those malicious versions of CCleaner connected.
On that server, they found evidence that the hackers had attempted to filter their collection of backdoored victim machines to find computers inside the networks of 20 tech firms, including Intel, Google, Microsoft, Akamai, Samsung, Sony, VMware, HTC, Linksys, D-Link and Cisco itself. In about half of those cases, says Talos research manager Craig Williams, the hackers successfully found a machine they'd compromised within the company's network, and used their backdoor to infect it with another piece of malware intended to serve as a deeper foothold, one that Cisco now believes was likely intended for industrial espionage.
|
