So how many machines were affected is unknown. The final impact of the trojanized CCleaner is still unknown, as the C&C server had already been shut down. While M.E.Doc’s compromised accounting software wasn’t spread as widely as CCleaner, the impact of its payload (DiskCoder.C) in affected corporates was significant. Depending on the popularity of the software being targeted, the impact can be significant. It could happen to anyone, so we'd better learn from the existing examples of how it was done, to build better protection against these kinds of attacks. The latter is important, because attacks such as these - so-called supply chain attacks - are still rare, but on the rise. Was it only this version the cybercriminal(s) could get digitally signed? Perhaps in the (near) future, the company concerned will discover and publish the ins and outs of this for all to learn and to see if such an attack could have worked in your company as well. Why only the 32-bit versions were trojanized remains, for now, a mystery. This is weird, as the effect would have been significantly more dramatic if the 64-bit version had also been backdoored. Regardless of how Piriform was breached, for a tool as widely downloaded as CCleaner, with a userbase running into the hundreds of millions, there will be a large impact worldwide, even though only the 32-bit version was affected. There can be many more (unlikely) scenarios, even ones we haven’t thought of yet. This is less likely, as the trojanized version was digitally signed, so it would involve an additional breach.