10-15-2017, 04:11 AM
WARNING:
I'm posting this in several places because CCleaner is so popular around here.
Apparently on September 18, 2017 it was announced that certain versions -- CCleaner version 5.33.6162 and CCleaner Cloud version 1.07.3191 -- have been "compromised."
Further, this "compromise" supposedly only affected customers with the 32-bit version of the v5.33.6162 of CCleaner and the v1.07.3191 of CCleaner Cloud.
I understand that means malware was injected.
Once in place, the malware would wait five minutes, determine if the user had admin privileges, and then steal information from PCs, such as the computer's name, a list of installed software and Windows updates, running processes, MAC addresses of network adapters alongside additional information.
The stolen data was then sent to a US-based server under the control of a hacker.
Researchers at Cisco Talos, who first identified the problem, discovered that the installer for CCleaner v5.33 - first delivered to users' computers by the legitimate CCleaner download servers on August 15, 2017 - was the culprit.
What make things most concerning is that the malicious code was digitally signed using a valid digital certificate issued to the software's developer Piriform, who were acquired by anti-virus firm Avast just two months ago.
Their full news release, with links to FAQs, etc. can be found HERE.
You can get the latest (allegedly clean) version of CCleaner HERE.
I'm posting this in several places because CCleaner is so popular around here.
Apparently on September 18, 2017 it was announced that certain versions -- CCleaner version 5.33.6162 and CCleaner Cloud version 1.07.3191 -- have been "compromised."
Further, this "compromise" supposedly only affected customers with the 32-bit version of the v5.33.6162 of CCleaner and the v1.07.3191 of CCleaner Cloud.
I understand that means malware was injected.
Once in place, the malware would wait five minutes, determine if the user had admin privileges, and then steal information from PCs, such as the computer's name, a list of installed software and Windows updates, running processes, MAC addresses of network adapters alongside additional information.
The stolen data was then sent to a US-based server under the control of a hacker.
Researchers at Cisco Talos, who first identified the problem, discovered that the installer for CCleaner v5.33 - first delivered to users' computers by the legitimate CCleaner download servers on August 15, 2017 - was the culprit.
What make things most concerning is that the malicious code was digitally signed using a valid digital certificate issued to the software's developer Piriform, who were acquired by anti-virus firm Avast just two months ago.
Their full news release, with links to FAQs, etc. can be found HERE.
You can get the latest (allegedly clean) version of CCleaner HERE.
