CCleaner App Hacked to Spread Malware!
If you use the CCleaner application on a computer or smartphone, be aware that a recent finding by cyber security researchers at Cisco Talos states that this free cleaning application has been hacked and there are ‘an enormous number of devices at risk’.
The CCleaner application was developed by Piriform, which was later purchased by Avast. With 2 billion downloads, or 5 million downloads per week, the free application CCleaner is an attractive target for hackers, who can add a ‘backdoor’ that can be used to introduce malware, ransomware and keyloggers into the application.
Cisco Talos' findings state that version 5.33 of the CCleaner application, which was available between August 15 and September 12, was modified to include the Floxif malware, a malware downloader that collects information about the infected system and sends the data to the hacker’s C&C server. This malware can also download and run other binaries, but when this news was released a few hours ago there was no valid evidence that Floxif had downloaded additional second-stage payloads to infected devices.
The Floxif malware collects important information such as the computer name, the list of installed applications, the list of running applications, the MAC addresses of 3 network interfaces and a unique ID to identify each computer. Researchers at Talos found that this malware only works on 32-bit Windows systems. This malware can also make users log out of the computer if they were not previously logged in as administrator.
According to a report released by Talos, the malware-infected version of CCleaner has been downloaded by 2.27 million users. As quoted by Forbes, Avast’s CTO Ondrej Vlcek said, “the figure of 2.27 million is a large number, so we completely underestimate this serious threat. But to the best of our knowledge, there is no reason for users to panic as we have done our best to prevent malware attacks before hackers take any further action.”
While Talos reported that a lot of computers were in danger because of this, Piriform, the developer of the CCleaner application, said the opposite. Piriform's Vice President, Paul Yung, gave the following official statement, quoted from Betanews.com:
“We would like to apologize for a security incident that was recently discovered in the CCleaner app version 5.33.6162 and CCleaner Cloud version 1.07.3191. There was unusual activity identified on September 12, 2021 where we saw foreign IP addresses receiving data from CCleaner software version 5.33.6162 and CCleaner Cloud version 1.07.3191 on computer devices with 32-bit Windows System. Based on further analysis, we found that CCleaner version 5.33.6162 and CCleaner Cloud version 1.07.3191 had been illegally modified before being released to the public and we immediately launched an in-depth investigation. We also directly contacted the legal department to deal with this issue.
Before explaining in technical language, let me say that this threat has been resolved in the sense that the problematic server has been disabled. Meanwhile other servers are not reachable by hackers and we are moving all currently active users of CCleaner version 5.33.6162 to the latest version. Users of CCleaner Cloud version 1.07.3191 have also received automatic updates. In other words, with all our best efforts, we can thwart these threats before they can cause problems for users.”
If you are one of the millions of users who downloaded CCleaner version 5.33 from the Piriform website, you should immediately update your software to the latest version of the CCleaner 5.32 application or CCleaner Cloud version 1.07.3214, which is free of malware contamination.