CCleaner infected with malware


#1

Originally published at: https://www.myce.com/news/ccleaner-infected-malware-82528/

For almost a month this year, CCleaner was infected with the Floxif malware downloader. This affected version 5.33 of CCleaner and the CCleaner Cloud version 1.07.3191 from August 15th through September 12th. Floxif malware is a program designed to find sensitive information on your computer and upload it to a remote server. It can also…


#2

IDK which story is more sad, the fact that nobody at Puriform noticed their software had malware, or the fact that that have “cloud” cleaner.

How the heck did this get released to the public? Was everyone too stupid to look at the source code and see the malicious functions? Do they always releasea bunch of crap without verifying any of it?

Also, why would I want to run this program in my browser when I can run what is probably a more efficient version locally? Also, a local version doesn’t really need the Internet, so one could create a firewall rule to prevent this program from accessing the internet, which means it can’t spy on you. Did I mention the local version can run off a thumb drive? At least I’m pretty sure it can, although I’m not 100% sure.


#3

This is what happens when AVG took-over the helm…they themselves are a malware progenitor as well. We should all dump CCleaner now since it no longer can be trusted.


#4

Just removed it, hardly used it anyway asI have alternatives.


#5

I do have the early version before Avast took the dump and bought them out. So I don’t have to worry the old version works fine still but for mindthought I do “custom” install so that is one reason my CCleaner install is clean of (&^&^& from Avast (&(&( but then again I have the version if I did it right before Avast bought them. Here’s what I read from another site…

[quote]version 5.33.6162 of CCleaner[/quote]So looks like I will be going and deleting CCleaner or checking to see if it broke past my custom install as well. Since this is the version I recall having … aahh…(^&(&(*& this is just the dumps to go back and check.

Link:
https://www.piriform.com/news/blog/2017/9/18/security-notification-for-ccleaner-v5336162-and-ccleaner-cloud-v1073191-for-32-bit-windows-users

[quote]Before delving into the technical details, let me say that the threat has now been resolved in the sense that the rogue server is down, other potential servers are out of the control of the attacker, and we’re moving all existing CCleaner v5.33.6162 users to the latest version. Users of CCleaner Cloud version 1.07.3191 have received an automatic update.[/quote]Here’s something I trust even less…considering they didn’t admit til they were outted.

If it takes this site.

[quote]According to this site and the linked blog (with more technical details), CCleaner and it’s servers were compromised.[/quote] to outt them then they can’t be trust to say they fixed it.

They should’ve come out before this site made it so but coming after the fact I have little doubt they will really make a concerted effort to fix it.


#6

Isn’t Avast not AVG who now owns. Piriform ?
Not that it matters .


#7

Looks like it was Avast. So those that did custom install with the infected version did you encounter problems?