CCBkdr

CCBkdr is malware that was injected into a signed version of CCleaner and distributed from CCleaner's distribution website. [1] [2]

ID: S0222
Type: MALWARE
Platforms: Windows

Version: 1.1

Techniques Used

| Domain | ID | Name | Use |
|---|---|---|---|
| Enterprise | T1483 | Domain Generation Algorithms | CCBkdr can use a DGA for Fallback Channels if communications with the primary command and control server are lost. [1] |
| Enterprise | T1195 | Supply Chain Compromise | CCBkdr was added to a legitimate, signed version 5.33 of the CCleaner software and distributed on CCleaner's distribution site. [1] [2] [3] |

References