Now, however, researchers at Czech anti-virus vendor Avast, which owns Piriform - the British developer of CCleaner - have gained access to a second server storing data that has revealed a list of additional computers that may have been hit with secondary malware by attackers.ĬCleaner is a popular Windows utility designed to tidy up hard drives and flush temporary files. But the command-and-control server used by attackers had a small hard drive, and when it was recovered by Avast - with the help of law enforcement agencies - it was only storing three days' of attack data, listing 18 targeted companies. The trojanized version of CCleaner gave unknown attackers the ability to potentially push secondary malware onto any infected system they desired. See Also: OnDemand | Zero Tolerance: Controlling The Landscape Where You'll Meet Your Adversaries
#CCLEANER MALWARE CALLED SOFTWARE#
Researchers investigating the infection of hundreds of thousands of computers with a trojanized version of a popular software utility, CCleaner, have had a lucky break that gives greater insight into the hackers' goals.
Avast has recovered a nearly complete list of all firms targeted with second-stage malware via trojanized CCleaner installations.