Alert over booby-trapped security software

Author: Tony Imossi (Secretariat) | Filed under: General News

A security company has issued a warning after its software was compromised by malicious hackers.

Piriform told users a booby-trapped version of its CCleaner software had been made available in August and September.

Millions of people use the CCleaner program to remove unwanted junk from Android phones and Windows PCs.

Piriform's owner, Avast, said it had managed to remove the compromised version before any harm had been done.

It appears that it was only the Windows version of CCleaner that was compromised.

Cleaning up

If the malicious hackers who had managed to subvert the software had not been spotted, they could have remotely taken over the devices of the 2.27 million people who had downloaded version 5.33 of the program, said Paul Yung, from Piriform.

Mr Yung said the company had spotted some "suspicious activity" on 12 September that led it to discover version 5.33 had been "illegally modified" before it had been made available to the public.

The modified version was available for about a month.

The modifications made infected machines contact some recently registered web domains - a tactic often used by cyber-thieves who then use this route to install more damaging software on compromised devices.

The impact of the infection had been limited, said Mr Yung, because relatively few people automatically updated the CCleaner software.

Anyone who had downloaded the compromised version of CCleaner was now being moved to the latest uninfected version, he said.

"To the best of our knowledge, we were able to disarm the threat before it was able to do any harm," said Mr Yung.

He apologised for any inconvenience that had been caused and said the company's investigation into the attack was "ongoing".

Separate analysis by Cisco's Talos security group suggests whoever was behind the attack on CCleaner had managed to get access to the server Piriform used to host new versions of the software.

Talos researcher Craig Williams told the Reuters news agency the attack had been "sophisticated" because it had targeted a trusted server and sought to make the booby-trapped version look legitimate.

"There is nothing a user could have noticed," he said.

Source: BBC
