TECH TUESDAY: Hackers Create Backdoor In CCleaner Security App


Tech Tuesday.png

Hackers should never go underestimated, but let’s be honest: Society does not necessarily take hackers seriously. Otherwise we wouldn’t have passwords such as “pa55word” and “1234567890” which are far too easy for cybercriminals to crack. As we have said in the past, cybersecurity starts with the user. That is true.

But it is not always the user’s fault. You see, the other aspect of hackers that go underestimated is their cleverness.

Be aware of the hacker attackTo excel at hacking, you have to think much like a chess player. You should anticipate the move of your opponent, or at least in the case of blackhat hackers, your marks who are the unsuspecting users of websites and applications. What hackers focus on is not necessarily the malware they want to deliver. The malware can be harder to eradicate, of course, and it can be more devastating than previous versions, but the malware at the basic level is the same software. Nothing really new. Where hackers show their cleverness is in the delivery mechanism for their malware.

In this particular instance, hackers found an ingenious way to drop their malware on unsuspecting users. Their delivery system: A trusted piece of security software from a trusted software vendor.   

Users of Avast-owned security application CCleaner for Windows have been advised to update their software immediately after researchers discovered criminal hackers had installed a backdoor in the tool. The application CCleaner helps computer users with maintenance and file clean-up, allowing for optimal performance from users everywhere. This software is developed and managed by the trusted anti-virus vendor, Avast. With billions of downloads on a weekly basis, this threat is considered a big one by cybersecurity experts. The infected CCleaner app was discovered after Version 5.33’s release. With all its downloads tallied and analyzed, it was concluded by experts that over 27 million copies were discovered as tainted. So yes, this is quite an emergency.

Now if you have this software loaded up on your computer, there is no need to panic. The good news is that CCleaner Cloud received an automatic update. So if you have CCleaner, go out and update that immediately, run an up-to-date anti-virus program, and you should be good.

So what exactly is the moral of this particular story? It sounds like that hackers can still make life miserable for you even if you do take precautions like strong passwords, working with vendors you can trust, and so on. The truth is that cybersecurity on a personal level is not much different from that of a cybersecuritry professional. It is an ongoing endeavor to remain safe and secure online. Along with password strength, along with working with trusted vendors, you should also be paying attention to the news. Tech blogs—again the online sources of information that are verified and have proven to be voices of knowledge and know-how—can keep you in the know on viruses and malware. By remaining informed, you remain armed and ready.

This is something we here at Curious strive for every day: To be a reliable source of information for you.

Stay safe.



shurtz.jpgA research physicist who has become an entrepreneur and educational leader, and an expert on competency-based education, critical thinking in the classroom, curriculum development, and education management, Dr. Richard Shurtz is the president and chief executive officer of Stratford University. He has published over 30 technical publications, holds 15 patents, and is host of the weekly radio show, Tech Talk. A noted expert on competency-based education, Dr. Shurtz has conducted numerous workshops and seminars for educators in Jamaica, Egypt, India, and China, and has established academic partnerships in China, India, Sri Lanka, Kurdistan, Malaysia, and Canada.