Avast-owned CCleaner is a security app that was used by hackers to spread malware. It’s a pretty popular app with more than two billion downloads. Security researchers from Cisco Talos discovered that hackers breached security to inject malware that was likely distributed to countless CCleaner users. Avast’s investigation reveals that the malware was specifically targeting major tech companies.
The investigation has revealed that this was an Advanced Persistent Threat that was programmed to deliver a malicious payload to select users. The server logs show that the payload was sent to 20 machines in a total of 8 organizations.
However, since the logs were collected for only just over three days, Avast says that the actual number of computers that received the payload is likely “at least in the order of hundreds.”
Avast hasn’t made the names of these major tech companies public for “privacy reasons,” but it does say that these companies are based in the United States, United Kingdom, Taiwan, Japan, and Germany.
Avast is working with law enforcement units to trace the source of this attack. It’s unclear at this point in time if a state-sponsored actor was behind this attack, but that’s not a possibility that Avast is ruling out just yet.