A version of CCleaner, downloaded more than 2 billion times, was infected with malware

0
950

It’s designed to wipe out cookies and offer some web privacy protections. Avast Piriform says a protective action was performed: “Piriform believes that these users are safe now as its investigation indicates it was able to disarm the threat before it was able to do any harm,” says an Avast spokesperson.. Piriform was the company that Avast recently acquired and was the original company who developed the CCleaner software application.”The attackers are relying on the trust relationship between a manufacturer or supplier and a customer”, Cisco explained.

CCleaner-Consumer-Demographics
CCleaner Consumer Demographics

The same thing occurred in this case. “On September 13, 2017 while conducting customer beta testing of our new exploit detection technology, Cisco Talos identified a specific executable which was triggering our advanced malware protection systems. Upon closer inspection, the executable in question was the installer for CCleaner v5.33, which was being delivered to endpoints by the legitimate CCleaner download servers. The impact of this attack could be severe given the extremely high number of systems possibly affected. Affected systems need to be restored to a state before August 15, 2017 or reinstalled. Users should also update to the latest available version of CCleaner to avoid infection. The free version of CCleaner does not provide automated updates, so this might be a manual process for affected users.” Some tools that can detect and block this threat are: Advanced Malware Protection (AMP), CWS or WSA web scanning or Umbrella secure internet gateway.The CCleaner version containing the malicious payloads has been removed and is no longer available.

LEAVE A REPLY

Please enter your comment!
Please enter your name here