Researchers believe the hackers behind the recently disclosed #CCleaner malware attack weren't just aiming to infect as many machines as possible — they were after the trade secrets of high-profile tech firms.  On Wednesday, researchers at #Cisco 's #Talos security division said that more than 700,000 machines were infected as part of the CCleaner attack. The hackers used information collected from those machines to identify at least 20 high-profile tech firms — including Cisco itself — which were "served specialized secondary [Stage 2] payloads."  "This would suggest a very focused actor after valuable intellectual property," Cisco researchers wrote. Besides #Cisco, the list of targeted companies includes #Google, #Intel, #Microsoft, #Samsung, #Sony, #HTC, and #Linksys, as well as #DellTechnologies -owned cloud computing software firm #VMware, cloud services provider #Akamai, #Britishtelecom company #Vodafone, Taiwanese networking equipment maker #DLink, and Singapore-based mobile network operator #Singtel. Talos researchers have reached out to the affected companies and alerted them of a possible compromise. "These new findings raise our level of concern about these events, as elements of our research point towards a possible unknown, sophisticated actor," the researchers wrote. During the compromise, the malware would "periodically contact" the attackers' command and control server and "transmit reconnaissance information about infected systems" including IP addresses, online times, hostnames, domain names, process listings, and more, the researchers wrote.
https://www.pcmag.com/news/356361/ccleaner-hackers-were-after-high-profile-tech-firms-trade-s
No comments:
Post a Comment