Avast revealed that the firm had its internal network hacked. The company claims that hackers found their way in through a compromised VPN profile.
According to a recent announcement made by cyber-security software company Avast, it appears that the Czech-based firm suffered another hacking attack at its internal network. The company claims that the purpose of the breach was likely to infect CCleaner software with malware.
This is not the first time that hackers had attempted to infect CCleaner, as another, very similar incident took place in 2017 when hackers attempted the same thing.
Avast’s statement says that the hackers managed to compromise a VPN used by one of their employees, which allowed them to access this VPN account. Furthermore, it appears that the account was not protected by Dual Authentication, so the breach remained unknown for some time.
The intrusion was only detected on September 23rd, although the investigation of the company’s systems revealed that hackers’ presence goes back to mid-May of 2019.
Avast officials claim that the compromised user did not have domain admin privileges, but the attackers managed to obtain them through a successful privilege escalation. When Avast discovered the breach, the company initially left the compromised profile active, planning to use it to identify the attackers and observe their actions.
They observed the attacker’s behavior until October 15th, when they released a new, clean update for CCleaner, and audited all previous versions. This move ensured that hackers won’t be able to compromise users’ devices through their CCleaner apps and that their months-long intrusion would be fruitless.
The company’s Chief Information Security Officer, Jaya Baloo, stated that Avast took all necessary precautions and that the company is confident that CCleaner users will be safe and protected from hackers’ attacks. Meanwhile, the investigation of the incident will continue, with the Czech intelligence already being involved. Avast is also collaborating with an external forensics team, as well as with the cybersecurity division of the country’s police force.
Do you use CCleaner? Are you concerned about the recent hacking attempt? Tell us what you think about the new incident in the comments below.
Images are courtesy of Pixabay.