Highlighted
ky331
6 Indium

Avast: Hackers breached internal network - aimed at compromising CCleaner - via compromised VPN profile

Czech cyber-security software maker Avast disclosed today a security breach that impacted its internal network.

In a statement published today, the company said it believed the attack's purpose was to insert malware into the CCleaner software, similar to the infamous CCleaner 2017 incident.

https://www.zdnet.com/article/avast-says-hackers-breached-internal-network-through-compromised-vpn-p...

https://blog.avast.com/ccleaner-fights-off-cyberespionage-attempt-abiss

(With acknowledgements to posts at Wilders...)

Free Internet Security - WOT Web of Trust       Use OpenDNS       MalwareBytes Anti-Malware


Windows 10 Pro (64-bit), Panda DOME 18.7.4, MBAM3 Pro, Windows Firewall, OpenDNS Family Shield, SpywareBlaster, MVPS HOSTS file, MBAE Premium, MCShield, WinPatrol PLUS, SAS (on-demand scanner), Zemana AntiLogger Free, Microsoft EDGE, Firefox, Pale Moon, uBlock Origin, CryptoPrevent.


[I believe computer-users who sandbox (Sandboxie) are acting prudently.]

0 Kudos
2 Replies
7- Thorium

Re: Avast: Hackers breached internal network - aimed at compromising CCleaner - via compromised VPN profile

 

ATA stands for Microsoft Advanced Threat Analytics


https://docs.microsoft.com/en-us/advanced-threat-analytics/what-is-ata

 

Avast also changed the digital certificate it was using to sign CCleaner updates.  The new update was signed with a new digital certificate, and the company revoked the previous certificate used to sign older CCleaner releases. It did so to prevent attackers from using it to sign fake CCleaner updates, in case the hackers managed to get their hands on the old certificate during the recent intrusion. The 2017 CCleaner hack happened before Avast bought Piriform.

Realtek USB and Audio drivers had similar problem which is why Realtek audio becomes broken after every windows feature update.

 


Report Unresolved Customer Service Issues
here

I do not work for Dell. I too am a user.

The forum is primarily user to user, with Dell employees moderating
Contact USA Technical Support






Get Support on Twitter @DellCaresPro

0 Kudos
7- Thorium

Re: Avast: Hackers breached internal network - a

Doesn't say if they checked for malware in any of their other software like Speccy, which can be downloaded from the ccleaner.com site for free. Obviously ccleaner has a much wider distribution base but still...

Do we know if they use the same security certs for everything on their site?

I recently installed the latest version of Speccy, 1.32.740. So, is it or isn't it...???  😟

Ron

   Forum Member since 2004
   I am not a Dell employee

0 Kudos