CCleanup downloads piggyback malware

Posted: Mon 18 Sep 2017, 22:13
by Flash
CCleanup: A Vast Number of Machines at Risk
Talos recently observed a case where the download servers used by software vendor to distribute a legitimate software package were leveraged to deliver malware to unsuspecting victims. For a period of time, the legitimate signed version of CCleaner 5.33 being distributed by Avast also contained a multi-stage malware payload that rode on top of the installation of CCleaner. CCleaner boasted over 2 billion total downloads by November of 2016 with a growth rate of 5 million additional users per week.
I assume that CCleanup is a Windows-based program only, so this malware only affects Windows. Still, it just goes to show that you can't be too careful out there. Always wear your galoshes and carry an umbrella -- and a pistol for good measure. :lol:

Technical details

Posted: Mon 18 Sep 2017, 22:22
by 6502coder
A good technical discussion can be found here:
http://blog.talosintelligence.com/2017/ ... lware.html

Re: CCleanup downloads piggyback malware

Posted: Tue 19 Sep 2017, 01:16
by bark_bark_bark
Flash wrote:CCleanup: A Vast Number of Machines at Risk
Talos recently observed a case where the download servers used by software vendor to distribute a legitimate software package were leveraged to deliver malware to unsuspecting victims. For a period of time, the legitimate signed version of CCleaner 5.33 being distributed by Avast also contained a multi-stage malware payload that rode on top of the installation of CCleaner. CCleaner boasted over 2 billion total downloads by November of 2016 with a growth rate of 5 million additional users per week.
I assume that CCleanup is a Windows-based program only, so this malware only affects Windows. Still, it just goes to show that you can't be too careful out there. Always wear your galoshes and carry an umbrella -- and a pistol for good measure. :lol:
CCleaner is owned by Avast now, so that's just a good enough reason to stay away from it.

Re: CCleanup downloads piggyback malware

Posted: Tue 19 Sep 2017, 18:44
by Tag365
bark_bark_bark wrote: CCleaner is owned by Avast now, so that's just a good enough reason to stay away from it.
I thought that Avast was considered a good company. Why are they distributing malware in the download?

Re: CCleanup downloads piggyback malware

Posted: Tue 19 Sep 2017, 23:20
by Flash
Tag365 wrote:...Why are they distributing malware in the download?
Giving them the benefit of the doubt, they probably had no idea their server and certificate had been pwned and a malicious payload added to the download.

a little clarity here

Posted: Wed 20 Sep 2017, 09:14
by 8Geee
USA Today has an article about it

https://www.usatoday.com/story/tech/tal ... 678277001/#

This was a hack of known good SW. It was/is apparently targeting Android users.

Sorry, I won't hot link, Ctrl C&V please. Thanks

Regards
8Geee