In a tweet on Tuesday, Kaspersky Lab’s Costin Raiu said that the malware stuffed inside CCleaner v5.33 shared code with the Missl backdoor trojan used by a hacker group called Axiom.
The hacker group is assumed to be based in China, and it is also known by other names, including Group 72, APT17, and DeputyDog. The existence of the malware in the CCleaner 5.33 executable was reported on Monday.
The similarities in the code were also spotted and mentioned in a report published by Cisco Talos – a threat intelligence group inside Cisco.
“Based on a review of the C2 tracking database, which only covers four days in September, we can confirm that at least 20 victim machines were served specialized secondary payloads,” the researchers write in the post.
List of domains the attackers were attempting to target. Image: Cisco Talos
Many high-profile companies are affected, including Cisco, Microsoft, Intel, Sony, Samsung, HTC, D-Link, VMware, etc. The researchers suggest that the attackers might be after the valuable intellectual property possessed by these firms.
One countermeasure suggested to the affected users was to update to the latest version of CCleaner. But the researchers emphasize, at least in the case of big firms, that they should restore their systems through backup or reimage them to wipe out the malware completely.
If you have something to add, drop your thoughts and feedback.