Supply Chain Incident
CCleaner signed installer compromise
A legitimate CCleaner release was modified and signed, distributing malware to downstream users through the normal software update and download path.
ConfidenceHigh
Evidence LevelResearcher
Attack StageDistribution Compromise
Source Artifact DivergenceUnknown
Affected Packages
No structured records.
Affected Releases
No structured records.
Repositories
No structured records.
Organizations
Maintainers
No structured records.
Threat Actors
No structured records.
Campaigns
No structured records.
Build Systems
No structured records.
Distribution Channels
- Signed software installer/update channel
Compromised Accounts
No structured records.
Connected Entities
- Piriform Organization
- Signed software installer/update channel Distribution Channel
References
- CCleaner Command and Control Causes Concern Cisco Talos · 2017-09-18