Hackers backdoored CCleaner, likely affecting tens of millions of users

Even so, a large number of users could potentially have been affected given that CCleaner is reportedly downloaded 5 million times per week (and has racked up over two billion downloads since November of last year).

The compromised version of CCleaner tried to connect to several unregistered web pages, presumably to download other programmes.

Piriform revealed that the malware collected system information, including lists of installed software and Windows updates, MAC addresses of network adapters, PC names and information from the Windows registry key, all of which was sent to a remote server.

CCleaner has been compromised in a massive security breach which could affect upwards of 2.27 million users of the popular clean-up software. "We believe that these users are safe now as our investigation indicates we were able to disarm the threat before it was able to do any harm", the company said. Piriform says that it has resolved the threat by making sure the rogue server is down and others are out of the hacker's purview.

"It's worth pointing out that you may want to go one step further than just downloading a fixed version of CCleaner", he said. The popularity of the application resulted in the researchers' decision to move quickly on the matter, prompting developers Piriform to release a stable version of CCleaner 5.34 and automatically updating the Cloud server.

The details are still being reconstructed, but it appears hackers compromised the server the CCleaner executable (i.e. the program you download) was stored on and put the malware over the top, sort of like somebody sneezing on your salad before handing it to you.

Hackers hid malware in CCleaner antivirus software

But that means up to 2.27 million users could be vulnerable, and Piriform is urging all users of the affected versions to download v5.34.

According to Piriform, its new parent company Avast had found the affected versions of the software had been compromised on 12 September. "Users should also update to the latest available version of CCleaner to avoid infection", Cisco advises. A new, uncompromised version of CCleaner was released the same day and a clean version of CCleaner Cloud was released on September 15, it said. "Attackers have shown that they are willing to leverage this trust to distribute malware while remaining undetected", the blog post said.

Love CCleaner? Have it on your computer?

The booby-trapped version was signed using a valid security certificate that was issued to Piriform by Symantec, which researchers found was valid through to 10/10/2018.

"We are continuing to investigate how this compromise happened, who did it, and why", Piriform said.

Attackers could use infected machines "for any number of malicious purposes" as there are capabilities in the malware to download and run second-stage payloads, possibly to steal personal and financial information.


