CCleaner is now malware!

Moderators: b1o, jkerr82508

User avatar
Posts: 9337
Joined: 14 Mar 2010, 16:34

CCleaner is now malware!

Postby viking60 » 22 Sep 2017, 10:49

The popular free alternative to clean up your Windows and make it snappy again has been hacked!

CCleaner now comes with a backdoor and it is very sophisticated. It stays in memory which makes it hard to analyze and works in three phases.

Step one gathers vital data about hardware and software and prepares for further infection.
Further infection could be anything and it will not help to only remove the stage one infection.

If you are infected you need to reformat your Hard-drive

Step two is to spread ransomeware.worm to targeted IT giants.

Step thre is to take control of your certificates and infrastructure and be in total control of your digital life.

This can be in stealth mode - so you won't even know.

This is bad for one of the most trusted cleanup systems out there :C

What to do?

CCleaner was infected for 31 days and has already made a lot of damage and no one can say how much!

CCleaner 5.33 and CCleaner Cloud 1.07.3191 are infected

If you have it installed or updated it in September- remove it and reformat your disk! +1

The guys behind the hack are real pros and could be from China according to the traces found.

But given the level of sophistication this could well be an intended false clue. :confused

(The FBI or NSA probably have this kind of sophistication too as do the Russians....)

More here
Manjaro 64bit on the main box -Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz and nVidia Corporation GT200b [GeForce GTX 275] (rev a1. + Centos on the server - Arch on the laptop.
"There are no stupid questions - Only stupid answers!"

User avatar
Posts: 2766
Joined: 17 Mar 2010, 15:40

Re: CCleaner is now malware!

Postby R_Head » 22 Sep 2017, 18:40

I got a good Windows Cleaner and is cheap....

format c: /Q

User avatar
Posts: 418
Joined: 18 Aug 2010, 21:52
Location: northwestern Pa.

Re: CCleaner is now malware!

Postby gnuuser » 23 Sep 2017, 14:43

thats typical of any windows cleaner software
Ive found a lot of it contained malware
also many of those companies designed ransome ware to direct you to their site to buy the code to remove their own crap
its one of the main reasons i got away from win hosed
registered Linux user number 505431
Amateur radio call sign KC3TEC
miracle (mere-ack-ull) :
the aspiration of the indigent, the expectation of the indolent, and the inspiration of the ignorant.

Im so old even dirt was my apprentice!

Return to “Win News”