| Submit your comments on this article |
| -Short Attention Span Theater- |
| Hackers Hid Backdoor In CCleaner Security App With 2 Billion Downloads -- 2.3 Million Infected |
| 2017-09-18 |
| Users of Avast-owned security application CCleaner for Windows have been advised to update their software immediately, after researchers discovered criminal hackers had installed a backdoor in the tool. The tainted application allows for download of further malware, be it ransomware or keyloggers, with fears millions are affected. According to Avast's own figures, 2.27 million ran the affected software, though the company said users should not panic. The affected app, CCleaner, is a maintenance and file clean-up software run by a subsidiary of anti-virus giant Avast. It has 2 billion downloads and claims to be getting 5 million extra a week, making the threat particularly severe, researchers at Cisco Talos warned. Comparing it to the NotPetya ransomware outbreak, which spread after a Ukrainian accounting app was infected, the researchers discovered the threat on September 13 after CCleaner 5.33 caused Talos systems to flag malicious activity. Further investigation found the CCleaner download server was hosting the backdoored app as far back as September 11. Talos warned in a blog Monday that the affected version was released on August 15, but on September 12 an untainted version 5.34 was released. For weeks then, the malware was spreading inside supposedly-legitimate security software. The malware would send encrypted information about the infected computer - the name of the computer, installed software and running processes - back to the hackers' server. The hackers also used what's known as a domain generation algorithm (DGA); whenever the crooks' server went down, the DGA could create new domains to receive and send stolen data. Use of DGAs shows some sophistication on the part of the attackers. CCleaner's owner, Avast-owned Piriform, has sought to ease concerns. Paul Yung, vice president of product at Piriform, wrote in a post Monday: "Based on further analysis, we found that the 5.33.6162 version of CCleaner and the 1.07.3191 version of CCleaner Cloud was illegally modified before it was released to the public, and we started an investigation process. |
| Posted by:gorb |
| #6 Â Sometimes you get more than what you pay for. And "free" is often priced appropriately, tho I have found CCleaner useful with adult supervision. |
| Posted by: M. Murcek 2017-09-18 18:46 |
| #5 Sometimes you get more than what you pay for. |
| Posted by: Skidmark 2017-09-18 18:02 |
| #4 One word "LINUX". |
| Posted by: 3dc 2017-09-18 12:02 |
| #3 I installed v. 5.34.6207 last week. That's the version you should upgrade to if you're running CCleaner. |
| Posted by: Raj 2017-09-18 11:21 |
| #2 I guess I'm OK. Haven't updated from V4.16. Sometimes it pays to let others test the water. |
| Posted by: ed in texas 2017-09-18 07:55 |
| #1 Headquartered in Praque, Czech Republic. US has just advised not to use Kaspersky anit-virus either. Headquarted in Moscow, Russia. Globalist entities. Players in the fall of 'Rome'. |
| Posted by: Hupeting Sforza8196 2017-09-18 07:19 |