CCBkdr

CCBkdr is malware that was injected into a signed version of CCleaner and distributed from CCleaner's distribution website. [1] [2]

ID: S0222
Type: MALWARE
Platforms: Windows
Version: 1.1

Techniques Used

| Domain | ID | Name | Use |
|---|---|---|---|
| Enterprise | T1483 | Domain Generation Algorithms | CCBkdr can use a DGA for Fallback Channels if communications with the primary command and control server are lost.[1] |
| Enterprise | T1195 | Supply Chain Compromise | CCBkdr was added to a legitimate, signed version 5.33 of the CCleaner software and distributed on CCleaner's distribution site.[1][2][3] |

References