Jump to content


Photo

Hackers used a massively popular PC cleanup tool to distribute malware


  • Please log in to reply
8 replies to this topic

#1 TheSentinel

TheSentinel

    The man in the dark

  • General Admin
  • 30,392 posts

Posted 18 September 2017 - 07:01 PM

Hackers used a massively popular PC cleanup tool to distribute malware
Business Insider UK

Shona Ghosh, Business Insider UK
18.09.2017, 12:12 365

It turns out you can't even trust your own antivirus provider not to infect your computer with malware. Hackers managed to hijack a popular PC cleanup tool, CCleaner, meaning that anyone who downloaded or updated it between mid-August to mid-September also downloaded malware without realising it.

Read the full article at:
http://www.businessi...-malware-2017-9

 

 



#2 TheSentinel

TheSentinel

    The man in the dark

  • General Admin
  • 30,392 posts

Posted 18 September 2017 - 07:02 PM

See in addition the Cisco Talos Blog about that issue please:

 

Monday, September 18, 2017
CCleanup: A Vast Number of Machines at Risk
This post was authored by: Edmund Brumaghin, Ross Gibb, Warren Mercer, Matthew Molyett, and Craig Williams

 

Update 9/18: CCleaner Cloud version 1.07.3191 is also reported to be affected

 

http://blog.talosint...es-malware.html

 



#3 TheSentinel

TheSentinel

    The man in the dark

  • General Admin
  • 30,392 posts

Posted 18 September 2017 - 07:04 PM

Official Piriform Release Announcements

 

Monday, September 18, 2017
Security Notification for CCleaner v5.33.6162 and CCleaner Cloud v1.07.3191 for 32-bit Windows users

We recently determined that older versions of our Piriform CCleaner v5.33.6162 and CCleaner Cloud v1.07.3191 had been compromised. We estimate that 2.27 million people used the affected software. We resolved this quickly and believe no harm was done to any of our users.

 

This compromise only affected customers with the 32-bit version of the v5.33.6162 of CCleaner and the v1.07.3191 of CCleaner Cloud. No other Piriform or CCleaner products were affected.

 

We encourage all users of the 32-bit version of CCleaner v5.33.6162 to download v5.34 here: download. We apologize and are taking extra measures to ensure this does not happen again.

More:
http://www.piriform....t-windows-users

 



#4 TheSentinel

TheSentinel

    The man in the dark

  • General Admin
  • 30,392 posts

Posted 18 September 2017 - 07:09 PM

Avast! There’s malware in that CCleaner software update
Avast's recent acquisition spreads a backdoor signed with its own certificate.

Sean Gallagher - Sep 18, 2017 3:08 pm UTC

For more see:
https://arstechnica....es-to-ccleaner/

 



#5 TheSentinel

TheSentinel

    The man in the dark

  • General Admin
  • 30,392 posts

Posted 18 September 2017 - 07:11 PM

CCleaner supply chain compromised to distribute malware

CCleaner app version 5.33 that was available for download between August 15 and September 12 was modified to include the Floxif malware Bad news for the users of the CCleaner app, according to researchers with Cisco Talos, version 5.33 that was available...

September 18, 2017  By Pierluigi Paganini   Posted In  Breaking News  Cyber Crime  Hacking  Malware  

http://securityaffai...in-malware.html

 



#6 TheSentinel

TheSentinel

    The man in the dark

  • General Admin
  • 30,392 posts

Posted 18 September 2017 - 07:18 PM

Security warning: Hackers compromised CCleaner and installed a backdoor

By Mark Wycislik-Wilson
Published 2017-09-18

Users of cleanup, privacy and optimization tool CCleaner are being warned to update their software after it emerged the tool was compromised by hackers. Security researchers at Cisco Talos say that there are a "vast number of machines at risk."

https://betanews.com...acked-backdoor/

 



#7 Chachazz

Chachazz

    Is GSF inventory

  • General Admin
  • 35,985 posts

Posted 19 September 2017 - 06:40 PM

Update to the CCleaner 5.33.6162 Security Incident

https://blog.avast.c...160496580636911



#8 TheSentinel

TheSentinel

    The man in the dark

  • General Admin
  • 30,392 posts

Posted 19 September 2017 - 07:07 PM

CCleaner hacked with malware: What you need to know
More than 2 million users possibly at risk.

Michael Simon By Michael Simon

Staff Writer, PCWorld | Sep 18, 2017 7:33 AM PT

It seems that CCleaner, one of PCWorld’s recommendations for the best free software for new PCs, might not have been keeping your PC so clean after all. In an in-depth probe of the popular optimization and scrubbing software, Cisco Talos has discovered a malicious bit of code injected by hackers that could have affected more than 2 million users who downloaded the most recent update.
 

https://www.pcworld....ed-malware.html

 



#9 TheSentinel

TheSentinel

    The man in the dark

  • General Admin
  • 30,392 posts

Posted 20 September 2017 - 07:29 PM

Attack on CCleaner Highlights the Importance of Securing Downloads and Maintaining User Trust

Commentary by Gennie Gebhart
September 19, 2017

Some of the most worrying kinds of attacks are ones that exploit users’ trust in the systems and softwares they use every day. Yesterday, Cisco’s Talos security team uncovered just that kind of attack in the computer cleanup software CCleaner. Download servers at Avast, the company that owns CCleaner, had been compromised to distribute malware inside CCleaner 5.33 updates for at least a month. Avast estimates that over 2 million users downloaded the affected update.

Please read the full article:
https://www.eff.org/...aintaining-user