CCleaner supply chain attack

GPTKB entity

Statements (40)
Predicate Object
gptkbp:instanceOf cybercrime
gptkbp:affectedUsers over 2 million
gptkbp:category supply chain attack, malware incidents, 2017 cyberattacks
gptkbp:discoveredBy gptkb:Talos_(Cisco)
gptkbp:discoveredIn September 2017
https://www.w3.org/2000/01/rdf-schema#label CCleaner supply chain attack
gptkbp:impact potential for further targeted attacks
gptkbp:malwarePayload Floxif
gptkbp:method supply chain compromise
gptkbp:notableCompany gptkb:Avast, gptkb:Piriform
gptkbp:notableVictim gptkb:D-Link, gptkb:Fujitsu, gptkb:Microsoft, gptkb:VMware, gptkb:Samsung, gptkb:Sony, gptkb:Intel, gptkb:Asus, gptkb:HTC, gptkb:Linksys, gptkb:Akamai, gptkb:Gigaset
gptkbp:occurredIn 2017
gptkbp:perpetrator unknown (suspected APT group)
gptkbp:response public disclosure, update released to remove malware
gptkbp:resultedIn compromised software update, distribution of malicious CCleaner update
gptkbp:softwareVersionAffected CCleaner 5.33.6162, CCleaner Cloud 1.07.3191
gptkbp:target CCleaner software
gptkbp:targetedCompanies technology companies, hardware manufacturers, telecom companies
gptkbp:usesMalware backdoor
gptkbp:bfsParent gptkb:Operation_Winnti
gptkbp:bfsLayer 7