The company said that the target of the attack was probably the insert malware into CCleaner software. 2017 had a similar incident.
How did the violation occur?
According to Avast, hackers violated VPNs credentials a company employee. In this way, they gained access to an account that was not protected.
The company discovered the breach on 23 September. Immediately, it began an investigation and found evidence that the attackers had been targeting the company's systems since 14 May 2019.
“The user whose credentials were breached did not have domain administrator rights. However, through a successful escalation privilege attack, the attacker managed to gain administrator privileges, ”said Jaya Baloo, Avast's chief information security officer.
According to Baloo, the company has activated the violated VPN profile to monitor the attacker's activities.
This lasted until 15 October, when the company released a new update of its CCleaner.
In addition, Avast changed the digital certificate used for CCleaner updates. The company considered that this change was necessary if the hackers had managed to obtain the old certificate at infringement of the network.
“Having taken all these precautions, we are confident that users CCleaner's are protected and unaffected, ”Baloo said.
The company, based in the Czech Republic, works with the police, the Czech intelligence agency, the Security Information Service (BIS) and a private company for the investigation of a violation.
Avast believes that the attackers were experienced hackers but it is not certain whether it is the team itself that attacked the company 2017.
"From the information we have gathered so far, it is clear that this was a very complex attack on us that was intended not to leave traces of the intruder. The attackers they were proceeding with extreme caution not to be identified, ”said Baloo.
The investigation is ongoing. Avast has said it will inform if it learns any new information. 2017 had published several updates on the infringement incident and was praised for speaking openly and in detail about it.
2017, the attackers had 'planted' malware in CCleaner, in violation of a account TeamViewer. According to Avast, about 2,27 millions of users had downloaded the corrupted CCleaner software.
How useful was this post?
No votes so far! Be the first to rate this post.
The author allows you to copy his / her text only if you report the source (SecNews.gr), as an e-mail address (Live URL) of the article.
Updated on by
A brief look at the Citadel Banking Trojan
Greek
Arabic
Chinese (Simplified)
English
French
German
Italian
Russian
Comment Policy:
SecNews.gr does not immediately post comments. Malicious comments, comments that include ads, or comments with insults are deleted without any warning. We do not endorse the views expressed by our readers.