Security & Fraud

Avast Cybersecurity Firm Targeted By China Hack

Hack Of Czech Cybersecurity Co Avast Suspected To Have Chinese Origins

Czech cybersecurity company Avast was hacked by an outside actor suspected to have ties to China. 

Reuters is reporting that both Czech counterintelligence service BIS and Avast detected an attack on the company. Avast said it first found suspicious activity on its network on Sept. 23. The company involved the BIS as well as Czech law enforcement authorities, including a forensics team. 

“Everything from data analysis so far suggests that the attack came from China, with the intention to take control of the popular optimization tool CCleaner, and through that also users’ computers,” BIS said in a statement.

Avast Chief Information Security Officer Jaya Baloo said the intruder gained access using someone’s credentials and a VPN to log in. The intruder attempted to get access many different times between May 14 and Oct. 4.

Avast wanted to catch the intruder so it kept the profile with the VPN open. The attack was indeed targeted at Avast’s CCleaner software, which helps to clean up junk to make devices run faster. The company was previously hacked in 2017, when an attack on its supply chain affected more than 2 million computers. Avast said it has 400 million customers around the globe using its products.

Avast said it responded to the hack by making sure than nothing was changed in the code of previous releases, and that it stopped new updates until it could push out a clean one on Oct. 15. The company also took back a previous certificate. 

“Having taken all these precautions, we are confident to say that our CCleaner users are protected and unaffected,” Avast said. “It is clear that this was an extremely sophisticated attempt against us that had the intention to leave no traces of the intruder or their purpose, and that the actor was progressing with exceptional caution in order to not be detected.”

——————————

LIVE PYMNTS TV OCTOBER SERIES: POWERING THE DIGITAL SHIFT – B2B PAYMENTS 2021 

Banks, corporates and even regulators now recognize the imperative to modernize — not just digitize —the infrastructures and workflows that move money and data between businesses domestically and cross-border.

Together with Visa, PYMNTS invites you to a month-long series of livestreamed programs on these issues as they reshape B2B payments. Masters of modernization share insights and answer questions during a mix of intimate fireside chats and vibrant virtual roundtables.

TRENDING RIGHT NOW