Cybersecurity compromises are becoming a common occurrence and security companies are at the forefront enforcing the right defenses against these. That puts them directly the in-line of fire. Avast has said that it detected some suspicious activity in its network on September 23.
The security giant sought an investigation into the matter in a joint effort that saw the participation of the Czech intelligence agency, Security Information Service (BIS), and an external forensics team. The investigation found that an internal network was accessed with compromised credentials using a temporary VPN profile. The profile was reportedly kept enabled and did not need two-factor authentication.
BIS in a statement said: “Everything from data analysis so far suggests that the attack came from China, with the intention to take control of the popular optimization tool CCleaner, and through that also users’ computers.”
Contrary to this statement, Avast said that it was unlikely to find out who was behind the attack. But the company said that the attack was extremely sophisticated in nature and the malicious actor was looking to infiltrate the network undetected.
The company has clarified that CCleaner has been checked for any possible malicious alterations and declared the product to be protected and unaffected.