CCleaner supply chain attack

GPTKB entity

Predicate	Object
gptkbp:instanceOf	cybercrime
gptkbp:affectedUsers	over 2 million
gptkbp:category	supply chain attack malware incidents 2017 cyberattacks
gptkbp:discoveredBy	gptkb:Talos_(Cisco)
gptkbp:discoveredIn	September 2017
https://www.w3.org/2000/01/rdf-schema#label	CCleaner supply chain attack
gptkbp:impact	potential for further targeted attacks
gptkbp:malwarePayload	Floxif
gptkbp:method	supply chain compromise
gptkbp:notableCompany	gptkb:Avast gptkb:Piriform
gptkbp:notableVictim	gptkb:D-Link gptkb:Fujitsu gptkb:Microsoft gptkb:VMware gptkb:Samsung gptkb:Sony gptkb:Intel gptkb:Asus gptkb:HTC gptkb:Linksys gptkb:Akamai gptkb:Gigaset
gptkbp:occurredIn	2017
gptkbp:perpetrator	unknown (suspected APT group)
gptkbp:response	public disclosure update released to remove malware
gptkbp:resultedIn	compromised software update distribution of malicious CCleaner update
gptkbp:softwareVersionAffected	CCleaner 5.33.6162 CCleaner Cloud 1.07.3191
gptkbp:target	CCleaner software
gptkbp:targetedCompanies	technology companies hardware manufacturers telecom companies
gptkbp:usesMalware	backdoor
gptkbp:bfsParent	gptkb:Operation_Winnti
gptkbp:bfsLayer	7