CIP Cyber

CCleaner Malware Infects Big Tech Companies With Second Backdoor

The group of unknown hackers who hijacked CCleaner's download server to distribute a malicious version of the popular system optimization software targeted at least 20 major international technology companies with a second-stage payload.

Earlier this week, when the CCleaner hack was reported, researchers assured users that no second-stage malware was used in the massive attack and that affected users could simply update their version to get rid of the malicious software.

However, during the analysis of the hackers' command-and-control (C2) server to which the malicious CCleaner versions connected, security researchers from Cisco's Talos Group found evidence of a second payload (GeeSetup_x86.dll, a lightweight backdoor module) that was delivered to a specific list of computers based on local domain names.

Affected Technology Firms

According to a predefined list mentioned in the configuration of the C2 server, the attack was designed to find computers inside the networks of major technology firms and deliver the secondary payload. The target companies included:

  • Google
  • Microsoft
  • Cisco
  • Intel
  • Samsung
  • Sony
  • HTC
  • Linksys
  • D-Link
  • Akamai
  • VMware

In the database, researchers found a list of about 700,000 backdoored machines infected with the malicious version of CCleaner, i.e. the first-stage payload, and a list of at least 20 machines that were infected with the secondary payload to gain a deeper foothold on those systems.

The CCleaner hackers specifically chose these 20 machines based on their domain name, IP address, and hostname. The researchers believe the secondary malware was likely intended for industrial espionage.

CIP Cyber Staff

CIP Cyber Staff comprises CIP cybersecurity experts committed to delivering comprehensive information on critical infrastructure protection. The content covers diverse topics, equipping professionals to defend organizations and communities in an ever-evolving cyber landscape.
