Hackers plant malware in popular CCleaner

Popular software CCleaner infected with backdoor

Researchers at Cisco Talos, who first identified the problem, discovered that the installer for CCleaner v5.33 - first delivered to users' computers by the legitimate CCleaner download servers on August 15, 2017 - was the culprit.

Hackers have accessed a computer used to develop the popular PC optimizing software and added malicious code.

Piriform worked with United States law enforcement and had this third party server shut down on the 15th of September prior to releasing details of the compromise to allow the company to complete their initial assessment of the compromise.

According to Piriform, its new parent company Avast had found the affected versions of the software had been compromised on 12 September. This gave the attackers capability to harvest data from infected machines such as the computer name, IP address and lists of installed and active software.

The malware's main goal is to profile a victim's system and send that information to a server located in the US.

More news: California lawmakers approve sanctuary bill

Talos added: "This is a prime example of the extent that attackers are willing to go through in their attempt to distribute malware to organisations and individuals around the world".

After you have your new software downloaded, run a check on your system using malware protection software to be sure that CCleaner didn't leave any nasty invader behind. "In other words, to the best of our knowledge, we were able to disarm the threat before it was able to do any harm".

The compromised version of CCleaner and CCleaner Cloud may have been downloaded by as many as 2.27 million users, or about three percent of its users with 32-bit Windows PCs, according to Piriform.

In the meantime, they have already made download sites remove CCleaner v5.33.6162, they pushed out a notification to update CCleaner users from v5.33.6162 to v5.34, and automatically updated CCleaner Cloud users from v1.07.3191 to 1.07.3214.

"We also immediately contacted law enforcement units and worked with them on resolving the issue".

More news: Trump attacks ESPN, asks for apology over Jemele Hill comments

It was also possible that an insider had included the malware in the build or had an account compromised. In cases where the samples found by Talos did successfully communicate with the C&C server, they would generate a system profile of the computer they had infected and post it back to the server.

Piriform issued a statement on September 18th, 2017.

Yung declined to speculate on how the code appeared in CCleaner or where the attack originated from.

Piriform says that it's still investigating where the attack came from, and the company sent a reassuring message.

Again, we would like to apologise for any inconvenience this incident could have caused to our clients; we are taking detailed steps internally so that this does not happen again, and to ensure your security while using any of our Piriform products.

More news: Stout vs. Seattle: Packers' defense fuels opening triumph

Related:

Comments

Latest news

AP Top 25: Defending champion Clemson makes move to No. 2
One team that plummeted was LSU (2-1), which fell from No. 12 to 25 after being routed 37-7 by Mississippi State . Alabama remained No. 1 in the poll, followed by Clemson , Oklahoma, Penn State and USC in that order.

Google's UPI-based Tez payments app rolls out in India
The company said Tez Shield "helps detect fraud and prevent hacking", aiming to protect every transaction and ensure security . Tez works with all major Indian banks and the vast majority of smartphones - so you can pay or get paid by nearly anyone.

Kevin Hart Was Creeping And Involved in Multi-Million Dollar Extortion
Social media users are making fun of Kevin Hart's pregnant wife Eniko after her comedian husband admitted to cheating . A report surfaced in July 2017 that claimed Hart cheated on his with a woman he met in a Miami Beach nightclub.

Donald Trump shares video of himself hitting Hillary Clinton with golf ball
But the move comes as the Democrat has been back in the news promoting her memoir about her loss, " What Happened ". In addition to the animation taking aim at Clinton, the president retweeted a slew of other messages early Sunday.

PV Sindhu gets better of Okuhara, wins Korean Super Series
An exhausted Sindhu was on all fours on the court as Okuhara refused to give up, winning a long rally with a strong smash. The win was hailed by nearly everyone across the country, including sportspersons, politicians and celebrities.

Flying Lotus scores new Blade Runner animated short
Denis Villeneuve has the unenviable task of creating a sequel to Ridley Scott's beloved sci-fi classic, Blade Runner . Music composition is being handled by Flying Lotus .

Trump praising rapid response to Irma in Florida
The president also used the opportunity to encourage Scott to run for the Senate. "We're deadset on that", said Mr. Trump said to the man as he handed over bananas. "Historically there's never been anything like this, but the U.S.

Bikini-clad Behati Prinsloo reveals she's expecting second baby with Adam Levine
Nearly one year since giving birth to their first child, Behati Prinsloo and Adam Levine are expecting baby number two. Fans will have to wait and watch to see if Blake and Gwen will join Levine and Prinsloo to give us the good news.

JJ Abrams returns to Star Wars to write and direct Episode IX
With the success, both financially and critically, of The Force Awakens this good for not only the fans but for business as well. Star Wars: The Last Jedi is due for release on December 14 in the United Kingdom and December 15 in the USA.

Germany return to top of world rankings
Egypt retained their number one spot in Africa followed by Tunisia, Senegal and Congo DR. Macau in an away fixture in the 2019 AFC Asian Cup Qualification third round.

Rebel Wilson wins €3 million in 'malicious' defamation case
Wilson's lawyers, while speaking to CNN , said the amount is the "largest defamation damages award in Australian legal history". The judgement comes after a unanimous jury found Bauer Media guilty of defamation in Australian court in June.

Equifax Breach: Here's What You Need To Do
Some people who've followed Clark's step-by-step credit freeze guide say they're running into trouble with Equifax particularly. That is almost half the United States' population, many of which were unaware Equifax had their information to begin with.

Saudi Arabia, UAE, Venezuela open to extending oil production cuts
Irma made a landfall in Florida on Sunday and is barreling through the state to the northwest. The market is also watching closely for US inventories data in the wake of recent storms.

Aung San Suu Kyi should condemn the atrocities against the Rohingyas
The de facto leader of Myanmar is showing what others have in the past: partiality, a harsh streak, and a cold blooded instinct. Myanmar has said it is was counting on China and Russian Federation to protect it from any Security Council censure.

Sitharaman to hold daily meeting with service chiefs, Defence Secretary
She refused to comment on army chief General Bipin Rawat's recent statement that India must be prepared for two-front war. Ms Sitharaman is the first Defence Minister to visit the base since George Fernandes had last visited the base in 2001.

Other news