Avast hacked in May. Intruder left almost no trace.
Avast, the cybersecurity company with over 400 million users, today admitted its internal systems had been breached by a hacker who used an employee’s compromised VPN profile to obtain domain admin privileges. Now security firm ramps up security for its product build and release environments. The attack, first flagged in May 2019, was made via a staff member’s temporary VPN profile that had erroneously been kept enabled and which did not require 2FA, Baloo said. She cited likely credential theft, noting “the temporary profile had been used by multiple sets of user credentials.” The company believes the attack targeted its CCleaner product, which was also compromised in 2017 in an attack first identified by Cisco Talos. In that incident, hackers used their access to push malware through the tool, but then also used compromise to specifically target at least 20 key companies, including Cisco itself, through the delivery of a second-