Author Topic: CCleaner infected with malware  (Read 224 times)

I D Shukhov

  • CCF Winner's Circle - Supporter
  • Wise Sage
  • *
  • Posts: 6195
    • View Profile
CCleaner infected with malware
« on: September 18, 2017, 06:27:46 AM »
https://www.theverge.com/2017/9/18/16325202/ccleaner-hack-malware-security

Thankfully I don't use CCleaner but was aware of it and may have used it in the distant past.

Quote
“For a period of time, the legitimate signed version of CCleaner 5.33 being distributed by Avast also contained a multi-stage malware payload that rode on top of the installation of CCleaner,” says the Talos team.

This has always been my fear:  an insider inserts malware into a legitimate product.  No checksum or signing would detect it.

Be Prepared.

JoFrance

  • CCF Winner's Circle - Supporter
  • Wise Sage
  • *
  • Posts: 2125
    • View Profile
Re: CCleaner infected with malware
« Reply #1 on: September 18, 2017, 05:15:25 PM »
I've used CCleaner lots of times.  It always did a good job so its really disappointing to hear that it can't be trusted anymore.

pxsant

  • CCF Winner's Circle - Supporter
  • Wise Sage
  • *
  • Posts: 1587
    • View Profile
Re: CCleaner infected with malware
« Reply #2 on: September 19, 2017, 04:17:53 AM »
CCleaner is actually from a company called Piriform.   They were bought out by Avast somewhere around July.   This happened after the transfer of Piriform assets to Avast.  Makes you wonder about a disgruntled employee as the possible culprit.

I checked all my systems and luckily I do not have CCleaner installed on any of them.

benali72

  • CCF Winner's Circle - Supporter
  • Wise Sage
  • *
  • Posts: 2562
    • View Profile
Re: CCleaner infected with malware
« Reply #3 on: September 19, 2017, 04:48:35 PM »
Thanks for the heads-up.

This article tells how to tell if you've been infected and how to fix it --

www.bleepingcomputer.com/how-to/security/ccleaner-malware-incident-what-you-need-to-know-and-how-to-remove/

Not all versions of CC were affected, apparently.

The Gorn

  • I absolutely DESPISE improvised sulfur-charcoal-salt peter cannons made out of hollow tree branches filled with diamonds as projectiles.
  • Trusted Member
  • Wise Sage
  • ******
  • Posts: 21655
  • Gorn Classic, user of Gornix
    • View Profile
Re: CCleaner infected with malware
« Reply #4 on: September 19, 2017, 04:49:31 PM »
CCleaner has been one of the most innocent programs around, right up there with Malwarebytes. Amazing.
Gornix is protected by the GPL. *

* Gorn Public License. Duplication by inferior sentient species prohibited.

JoFrance

  • CCF Winner's Circle - Supporter
  • Wise Sage
  • *
  • Posts: 2125
    • View Profile
Re: CCleaner infected with malware
« Reply #5 on: September 20, 2017, 05:35:55 PM »
What bothers me a lot is that people that do tech support depend on a lot of free utilities to solve problems.  Sometimes they buy them, sometimes not, but what a great loss to the tech support community to find out that these help utilities are infected with malware.  Its just sickening.

Maybe something happened when the company was bought out, that surely is possible like pxsant said. 

unix

  • Trusted Member
  • Wise Sage
  • ******
  • Posts: 3353
    • View Profile
Re: CCleaner infected with malware
« Reply #6 on: September 20, 2017, 06:06:37 PM »
This is the kind of shyte I only hear about on this forum. I don't read mainstream technology stuff so I had no idea.

Brawndo. It's got what plants crave.

The Gorn

  • I absolutely DESPISE improvised sulfur-charcoal-salt peter cannons made out of hollow tree branches filled with diamonds as projectiles.
  • Trusted Member
  • Wise Sage
  • ******
  • Posts: 21655
  • Gorn Classic, user of Gornix
    • View Profile
Re: CCleaner infected with malware
« Reply #7 on: September 20, 2017, 06:22:51 PM »
...what a great loss to the tech support community to find out that these help utilities are infected with malware.  Its just sickening.

Maybe something happened when the company was bought out, that surely is possible like pxsant said. 

I always believed that the PC desktop industry had a bit of a soul and some integrity, more than the smartphone industry, for instance. Companies like Spinrite and CCleaner and Malwarebytes always seemed like shining examples of good citizenship.

Fast forward to 2017 - fuck our customers, we can cash out BIG because we have this 30+ year old reputation we can trade off of, and it'll become someone else's problem.
Gornix is protected by the GPL. *

* Gorn Public License. Duplication by inferior sentient species prohibited.