CCLEANER MALWARE UPDATE
Most recently, just last month, the company was forced to pull the latest update following an outcry over privacy issues and obscure tactics to keep the utility running in the background.īut does that make CCleaner a bad application that should be frowned upon?ĭeveloper Piriform retracted CCleaner's last update due to the controversy, so if you are running v5.44 of the software, now listed as the most recent version on the developer's site and TechSpot's download section, the above should be a non-issue.
CCLEANER MALWARE SOFTWARE
On the other hand, users had long been complaining about bundled software and popup ads appearing in the utility. Nevertheless, to be fair, this has happened to many other developers, big and small. You may recall last summer (two months after being acquired by Avast), it was disclosed that the tool had been infected with Floxif malware. Going from 6MB in February 2016 to around 15MB around its v5.41.x release in March this year. While CCleaner has certainly grown up since its "crap cleaner" days, it's certainly gotten more bloated over the years as well. However since security giant Avast acquired it last year, it's been a stormy ride that's had many doubting how effective or trustworthy the tool really is.
CCLEANER MALWARE ANDROID
Zscaler Cloud Security Platform provides native SSL inspection.For a long time CCleaner has been the most popular system-cleaning tool for Windows, extending its reach to other platforms like macOS and Android phones.
Over 60% of Internet traffic is over SSL, yet most advanced threats hide in SSL. SSL inspection is necessary to protect organizations.
Here is a sample Cloud Sandbox report from one such detonation: Zscaler Cloud Sandbox successfully detected the payloads from this compromise. Zscaler added multiple signatures and indicators for blocking the original payloads as well as post-infection activity shortly after the information was disclosed to help any affected organizations in their remediation efforts.Ĭloud Sandbox provides the best line of defense in a proactive manner against these threats. How Zscaler Can Help with Preventative Measures The Zscaler team has been actively monitoring this issue over the past 72 hours and has added multiple protections to block the payloads as well as post-infection activity for the backdoor module.Īvast contacted all the impacted customers and revoked the legitimate certificate that was used to sign the compromised version of CCleaner package and issued an updated version of the package. It is important to note that the malicious CCleaner installer package was delivered using CCleaner’s software update infrastructure over HTTPS and was signed using a legitimate certificate. Per Avast, 700K users downloaded and installed the compromised version of CCleaner, however, only the 20 users that belonged to the targeted organizations were served with a second stage payload. Users from a very targeted list of organizations including Microsoft, Cisco, Intel, VMware, Sony, etc., were the only ones to be served a second stage malware payload.
CCLEANER MALWARE CODE
The injected malicious code causes the compromised machine to communicate back to a predetermined C&C server (hardcoded IP addresses and DGA domains) to report infection and download a second stage malware payload. Attackers managed to compromise the software update infrastructure sometime in August 2017 and inject malicious code in the CCleaner update v5.33 and cloud version v1.07. CCleaner is a very popular file system and registry clean up utility that optimizes performance by removing unneeded registry entries and files. Earlier this week, Avast, a multinational security software vendor, reported a compromise of their Windows system utility CCleaner.
0 kommentar(er)
