Home Security Avast Faced A Security Breach Aiming At Messing Up Its CCleaner

Avast Faced A Security Breach Aiming At Messing Up Its CCleaner

by ethhack

The popular cybersecurity firm Avast has revealed a cyber attack that it endured recently. Reportedly, Avast faced a security breach earlier this year that seemingly aimed at infecting its CCleaner app.

Avast Disclosed A Security Breach

In a blog post, Jaya Baloo, the CISO at Avast, has disclosed a cyber attack that the company endured recently. Upon discovering the suspicious activity, the company started work and investigations into containing the attack.

As stated in the post,

The evidence we gathered pointed to activity on MS ATA/VPN on October 1, when we re-reviewed an MS ATA alert of a malicious replication of directory services from an internal IP that belonged to our VPN address range, which had originally been dismissed as a false positive.

They found that the attackers exploited a compromised user account to gain access to Avast systems.

We found that the internal network was successfully accessed with compromised credentials through a temporary VPN profile that had erroneously been kept enabled and did not require 2FA.

While the affected account had no domain privileges, the attackers triggered privilege escalation to achieve domain privileges.

Tracking the IP address of the connection pointed out to a location outside the UK. Digging further into the issue also revealed that the attackers had made numerous attempts through the same VPN since May 2019.

Second Hacking Attempt On CCleaner Since Acquisition

Avast suspects that the attackers were targeting CCleaner with this attempt. Nonetheless, they still initiated investigations on a wider level to ensure utmost security.

Even though we believed that CCleaner was the likely target of a supply chain attack, as was the case in a 2017 CCleaner breach, we cast a wider net in our remediation actions.

While Avast dubbed the attack ‘Abiss’ (Avast’s title to this attempt) “extremely sophisticated”, they still managed to contain the attack. Furthermore, they also hardened the security of their operations and product builds.

‘Abiss’ marks the second attack on CCleaner. Earlier, some attackers meddled with the app in 2017 by infecting it with Floxif malware.

The following two tabs change content below.
Avatar
Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]
Avatar

Source link

Related Articles

Leave a Comment

deneme bonusu veren sitelerbahis casinomakrobetceltabetpinbahispolobetpolobet girişpinbahis girişmakrobet girişpulibet girişmobilbahis girişkolaybet giriş