Madshrimps Forum Madness

Madshrimps Forum Madness (https://www.madshrimps.be/vbulletin/)
-   WebNews (https://www.madshrimps.be/vbulletin/f22/)
-   -   CCleaner Was Compromised for a Month (https://www.madshrimps.be/vbulletin/f22/ccleaner-compromised-month-168353/)

Stefan Mileschin 22nd September 2017 05:26
CCleaner Was Compromised for a Month
 
Nextweb reports that CCleaner 5.33.6162 and CCleaner Cloud version 1.07.3191 were hacked. Between August 15 and September 12 about 2.27 million users downloaded the infected CCleaner version with 5,000 using CCleaner Cloud. The vulnerability allowed a two-stage backdoor to be inserted when running the CCleaner.exe. The malware was also collecting other information including the name of the computer, list of installed software and running processes, and MAC adresses of the first three network adapters. Anyone who has downloaded that version should update immediately. "To the best of our knowledge, the second-stage payload never activated… It was prep for something bigger, but it was stopped before the attacker got the chance."

http://www.hardocp.com/news/2017/09/...sed_for_month/

jmke 22nd September 2017 09:36
this is crazy, av company buys CCLeaner and then allows malware to get distributed in an update... like...WTF?

Stefan Mileschin 23rd September 2017 14:29
Quote:
Originally Posted by jmke (Post 361265)
this is crazy, av company buys CCLeaner and then allows malware to get distributed in an update... like...WTF?
Yes, really stupid! The company I am working for has now required to uninstall manually the utility from about 100 stations, which is a real chore to do....


All times are GMT +1. The time now is 00:22.

Powered by vBulletin® - Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO