Avast Reveals More Details About CCleaner Malware Incident

[Lucian Armasu]

Avast claimed that the Piriform servers were compromised before acquiring the company, and that it was quick to patch the software after learning about the malware. However, it was a different security company that discovered the malware first.

Avast Reveals More Details About CCleaner Malware Incident : Read more

 

[Kelavarus]

"On September 12, MorphiSec notified Avast and Cisco about the malware and both started their own investigations. Avast also contacted law enforcement on the same day."

Considering the circumstances surrounding many other security breaches lately, I at least respect them for making this decision. However... I am curious about:

"On September 18, both Piriform and Cisco’s Talos division made the announcement about the incident."

While yes, they had released the updated version without the malware 3 days earlier, why wait for 6 days to notify the public about the development? I assume that there are probably (still) file repository sites that have older versions available and there might be people who don't get the latest version every time. If law enforcement told them not to release it, I can understand, but beyond that it seems like they should have made an announcement at the very least on the 15th when the command and control servers were shut down.

 

[AnimeMania]

Did Avast release a program that can tell you if you have the malware on your computer?

 

[dastiegen]

See the Talos post for signs of infection (existence of a reg key named 'Agromo').

What Avast isn't discussing is the potential damage to those hundred of thousands of users who did have the malware on their machine for a few weeks... Did you not ask about this, Lucian?