Reply To: Vulnerability in Windows Disclosed by…an Agentcy. (Phoney Certificates)

Forums VoodooShield Support Forum General VoodooShield Discussions Vulnerability in Windows Disclosed by…an Agentcy. (Phoney Certificates) Reply To: Vulnerability in Windows Disclosed by…an Agentcy. (Phoney Certificates)

    gorblimey
    Participant
    none
    Aaahhhh.  Apologies all around.  I thought everyone knew about the CCleaner catastrophe.

    What happened was, Avast bought CCleaner, but it seems a few CCleaner employees weren’t happy.  They put a trojan into the product, and replaced the hash.  It was only done to one version of one variant, but caused havoc and much damage to Avast’s reputation.  The damage was made good, but it did serve to underline some realities.

    1) disgruntled employees can be a wonderful malware vector;

    2) the presence of a download hash is no guarantee the product is malware-free or that the repository has not been hacked*: it is only a guarantee the download was not intercepted in a MiM attack.

    * Mind you, any softs publisher that stores download hashes in the main repository is begging for trouble.

    And, sadly, not every software publisher automatically provides a download hash.

    _________________________________

    Understanding the scope of the problem is the first step on the path to true panic. [Florence Ambrose, "Freefall"]
    1
    0