There has been a massive amount of press coverage concerning the news that Avast's Piriform CCleaner
was unlawfully hacked during the development process resulting in a backdoor access point. Their initial top priority is the dedication to the security and safety of their millions of users, as well as, sustaining their brand-new acquisition, Piriform.
Given the late disclosure of the massive Equifax data breach, customers and media are on extreme alert, as they ought to be. Therefore, as soon as Avast knew of this breach, they jumped right in and resolved it. Within roughly 72 hrs of the breach, the problem was fixed by Avast without it affecting Piriform consumers. The objective of this write-up is to clarify what actually occurred, correct some misinformed info that is presently circulating, and summarize the actions Avast
took and plans to take moving forward. Avast
acquired Piriform, the manufacturer of CCleaner
, on July 18, 2017, due to the fact that Piriform had an excellent product and remarkable supporters. Avast still stands behind that statement today. Just what they didn't know was that prior to the purchases completion, the cyberpunks were most likely already in the process of hacking the Piriform systems. The hacking process likely began on July 3rd. The web server was provisioned previously in 2017 as well as the SSL certificate. The corresponding https interaction had a timestamp of July 3, 2017. They strongly believe that Piriform was being targeted while they were running as a standalone business, before the Avast acquisition. The compromised version of CCleaner was launched on August 15th and also went undiscovered by any kind of security for four weeks, highlighting the sophistication of the attack. In their opinion, it was a well-prepared operation and the reality that it did not create harm to users is an extremely excellent end result for Avast.
Shortly after the initial news, a series of the press released misinformation regarding exactly what took place based on assumption. Several of the write-ups implied that 2 billion customers were impacted with an additional 5 million each week. This originated from a number of downloads that CCleaner
had; 2 billion times with 5 million a week being downloaded and installed, as stated on their website. Nonetheless, this is vastly different from the actual affected users. As just 2 smaller sized distribution products (the paid versions)
were compromised, therefore the real number affected by this breach was 2.27 M. As a result of the aggressive response by Avast, 730,000 users may still be using the affected version 5.33.6162. These individuals must update despite the fact that they are not at risk as the malware was disabled on the server side. Even so, Avast consumers are encouraged to update to the latest version of CCleaner, which certainly removed the backdoor code from their systems. As of now, CCleaner 5.33 received an alert suggesting them to execute the update.
Avast took complete responsibility and also expressed that they deeply recognized the severity of the situation, as they do with all security of their products. Additionally, they took proactive measures as well as took the server down prior to any harm was done to customers. Good thing Avast acquired the company otherwise the outcome might have been vastly different.