11/26/2023

Ccleaner attack

The initial attacker-modified CCleaner updates were downloaded to millions of computers. Hence, the premise for what I believe transpired in this attack. What Cisco discovered was that the servers were breached on multiple occasions for the purposes of adding and deleting software used in the attack. I also believe Eset assisted in that incident. Noteworthy is that in the recent Ukraine ME Doc incident, the Ukraine government hired Cisco to perform an independent third-party forensic analysis of the ME Docs servers.

Because the servers were compromised, anything is possible. That is the role played by the compromised Piriform servers in this attack. Let's state this again: the Piriform servers were compromised, and for an extended period of time. There is one glaring omission in the publicly released statements to date on this attack.

Sorry Avast, I am not "buying in" to your assessment. If so, this most surely will go down as the largest waterhole attack in history. Avast is sticking to its statements that the attack was a "waterhole" attack with the real intent being to target a few dozen high valued corporation targets.

The main findings from the complete database are as follows:

- The total number of unique PCs that received the 2nd stage payload was 40.
- The total number of unique PCs (unique MAC addresses) that communicated with the CnC server was 1,646,536.
- The total number of connections to the CnC server was 5,686,677.