I assume that CCleanup is a Windows-based program only, so this malware only affects Windows. Still, it just goes to show that you can't be too careful out there. Always wear your galoshes and carry an umbrella -- and a pistol for good measure.
Talos recently observed a case where the download servers used by software vendor to distribute a legitimate software package were leveraged to deliver malware to unsuspecting victims. For a period of time, the legitimate signed version of CCleaner 5.33 being distributed by Avast also contained a multi-stage malware payload that rode on top of the installation of CCleaner. CCleaner boasted over 2 billion total downloads by November of 2016 with a growth rate of 5 million additional users per week.
CCleanup downloads piggyback malware
CCleanup: A Vast Number of Machines at Risk
Technical details
A good technical discussion can be found here:
http://blog.talosintelligence.com/2017/ ... lware.html
Re: CCleanup downloads piggyback malware
Ccleaner is owned by Avast now, so that's just a good enough reason to stay away from it.
Flash wrote:
CCleanup: A Vast Number of Machines at Risk
I assume that CCleanup is a Windows-based program only, so this malware only affects Windows. Still, it just goes to show that you can't be too careful out there. Always wear your galoshes and carry an umbrella -- and a pistol for good measure.
Talos recently observed a case where the download servers used by software vendor to distribute a legitimate software package were leveraged to deliver malware to unsuspecting victims. For a period of time, the legitimate signed version of CCleaner 5.33 being distributed by Avast also contained a multi-stage malware payload that rode on top of the installation of CCleaner. CCleaner boasted over 2 billion total downloads by November of 2016 with a growth rate of 5 million additional users per week.
....
Re: CCleanup downloads piggyback malware
I thought that Avast was considered a good company. Why are they distributing malware in the download?
bark_bark_bark wrote: Ccleaner is owned by Avast now, so that's just a good enough reason to stay away from it.
Re: CCleanup downloads piggyback malware
Giving them the benefit of the doubt, they probably had no idea their server and certificate had been pwned and a malicious payload added to the download.
Tag365 wrote: ...Why are they distributing malware in the download?
a little clarity here
USA Today has an article about it
https://www.usatoday.com/story/tech/tal ... 678277001/#
This was a hack of known good SW. It was/is apparently targeting Android users.
Sorry, I won't hot link, Ctrl C&V please. Thanks
Regards
8Geee
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."