"We believe all global software companies, including both Microsoft and us at Avast, will need to continue to vigilantly protect our networks from attacks by those who seek to damage us and our users," Avast told us.īut Avast and TeamViewer aren't the only companies that have been targeted only to serve as a jumping point into the network of other companies. As long as an app is good at its job, hackers are going to keep coming. As the company told ZDNet, the threats it's facing are no different than what its competitors are facing.įor example, TeamViewer, which offers an eponymously named product, also suffered a security breach at the hands of Chinese hackers back in 2016.
However, this huge userbase is also the reason why Avast bought it in the first place.Īvast's plan of attack involves bolstering its security. The app's gigantic userbase makes CCleaner a perfect target for supply-chain attacks.
Ccleaner malware in avast download#
It's an all-in-one system administration toolkit, and one very good at its job, if we're to look at its download numbers. The app now supports remote management features, hard drive defragmentation, email alerts, cloud-based management features, and many more. However, as previously stated in this article, today, CCleaner is more than just a "useless" registry cleaner. In the light of this second hack, many users have expressed their opinions today, claiming that Avast should just retire CCleaner, as the app is only a magnet for state-sponsored hackers, and that the app has no real purpose (many consider registry cleaner apps as being useless or plain harmful). While Avast refrained from attributing the attack to any threat actor, the Czech Security Information Service (BIS), the country's intelligence service, said in a press release today that Chinese hackers were behind this attack, just like in the first. The company is still investigating this second breach but said that hackers weren't successful at pushing out a malicious CCleaner release today. This was their entry point inside Avast's network.
Avast said hackers compromised an employee's VPN credentials to access a temporary VPN profile that was left active and without 2FA protection.
0 kommentar(er)
