DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!
DarkVision Hardware - Daily tech news
July 6, 2020 
Goal of CCleaner hack may have been economic espionage

Posted on Thursday, September 21 2017 @ 11:57:41 CEST by

One of the shockers that hit the web earlier this week was the news about the hack of CCleaner. This cleanup tool is used by millions around the world, so the injection of multi-stage malware into the company's official install files could have resulted in major damage.

Many were wondering why the attackers didn't roll out the second stage of their malware attack, but it appears the hack focused on very specific targets. Research by Cisco's Talos security unit reveals that many multinational tech giants were specifically targeted through delivery of a second-stage payload.

Rather than the general public, the malware targeted companies like Singtel, Samsung, HTC, Sony, VMware, Intel, Cisco, Vodafone, Linksys, Epson, MSI, Google, and Akamai. Cisco Talos concludes this attack was performed by a fairly sophisticated attacker, who designed a supply chain attack to compromise a vast number of victims in the hope of landing some payloads on PCs at very specific target networks. This suggests the attack had economic espionage as motivation.
Interestingly the array specified contains Cisco's domain (cisco.com) along with other high-profile technology companies. This would suggest a very focused actor after valuable intellectual property.

These new findings raise our level of concern about these events, as elements of our research point towards a possible unknown, sophisticated actor. These findings also support and reinforce our previous recommendation that those impacted by this supply chain attack should not simply remove the affected version of CCleaner or update to the latest version, but should restore from backups or reimage systems to ensure that they completely remove not only the backdoored version of CCleaner but also any other malware that may be resident on the system.


