CCleaner Malware Found In Version 5.3 of Software

Posted September 20, 2017

Consumers who downloaded the CCleaner security program thought that they were protecting their devices from malware, but security researchers at Cisco Talos say the app directly delivered malware to millions of users. The company stated that they released the uncompromised CCleaner version on September 12th and they again unveiled the CCleaner Cloud clean version on September 15th, 2017.

With 2 billion downloads and 125 million users, CCleaner is world's leading malware and virus removal tool, and around 5 million new users are being added every month.

The Talos team claims that its likely an external attacker was able to compromise CCleaner's build environment or that an insider at Piriform was responsible. It also only affects Windows users who have the 32-bit version of CCleaner.

Hurricane Maria headed towards the Caribbean
Hurricane Maria is a Category 1 with maximum sustained winds of 75 miles per hour moving west northwest at 15 miles per hour . Jose stays roughly 400 miles off of our coast today and will deliver once again large waves and a high risk of rip currents.

A spokeswoman said that 2.27 million users had downloaded the August version of CCleaner.

Avast encourages anyone using CCleaner to upgrade to version 5.34 or higher.

Data transmitted to the attacker's server included the computer's name, IP address, a list of installed software, a list of active software, and a list of network adapters. Yung said, "Based on further analysis, we found that the 5.33.6162 version of CCleaner and the 1.07.3191 version of CCleaner Cloud was illegally modified before it was released to the public, and we started an investigation process". Users of the infected version of CCleaner Cloud received an automated update and Piriform believes that in the case of the cloud version, it was "able to disarm the threat before it was able to do any harm". The payload contained a Domain Generation Algorithm and Command and Control functionality that could be used to send encrypted information about the computer back to a server controlled by the hackers.

PV Sindhu Wins First Korea Open
The Korea Open final was a re-run of that epic battle with the only difference being the name of the champion. It was nearly a repeat of the World championship final, though the result reversed, in our favour.

He said the company quickly fixed the software once the malware had been spotted and that it automatically updated users to protect them from hackers.

The malware allowed an infected system to be remotely controlled and collects data from your computer. Even if you are not sure you downloaded the software or updated it in given time frame, you should update it to the latest version to avoid any issue.

"There is nothing a user could have noticed", said Talos researcher Craig Williams.

Paul Ryan Plugs Away at Tax Reform
In recent weeks, President Trump has referred publicly to "tax cuts" rather than the "tax reform" Ryan and Brady have discussed. In a statement Wednesday, the White House says Trump asked them to "help deliver tax cuts for American families".