At least 40 PCs infected by a backdoored version of the CCleaner disk-maintenance utility received an advanced second-stage payload that researchers are still scrambling to understand, officials from CCleaner’s parent company said.
The 40 PCs, belonging to 12 technology companies including Samsung, Asus, Fujitsu, Sony and Intel, are double the number previously known to have received the advanced follow-on infection.

They still represent a minuscule percentage—more precisely, about 0.0018 percent—of the 2.27 million PCs that downloaded the booby-trapped CCleaner update.

Avast notified most of the companies that received the stage-two malware and was attempting to contact the remaining victims.
The extremely narrow targeting, combined with a short list of 13 other technology companies the attackers also targeted, prompted Avast to conclude the CCleaner backdoor was the work of a so-called “advanced persistent threat actor” intent on infecting the networks of large technology companies.

Avast is the antivirus provider that acquired CCleaner developer Piriform on July 18, exactly 28 days before August 15, when it began pushing the backdoored version as an update to users.