CCleanup downloads piggyback malware
Posted: Mon 18 Sep 2017, 22:13
CCleanup: A Vast Number of Machines at Risk
I assume that CCleanup is a Windows-based program only, so this malware only affects Windows. Still, it just goes to show that you can't be too careful out there. Always wear your galoshes and carry an umbrella -- and a pistol for good measure.Talos recently observed a case where the download servers used by software vendor to distribute a legitimate software package were leveraged to deliver malware to unsuspecting victims. For a period of time, the legitimate signed version of CCleaner 5.33 being distributed by Avast also contained a multi-stage malware payload that rode on top of the installation of CCleaner. CCleaner boasted over 2 billion total downloads by November of 2016 with a growth rate of 5 million additional users per week.