Ccleaner compromised - check what version you're using!

General discussion area and chat

Moderator: satrow

Forum rules
This General Discussions forum is an open chat area, so you can talk about almost any subject. Please keep things civil, though!

Please do try to somewhat stick to the relevance of this forum, which focuses on everything around the Pale Moon project and its user community. "Totally random" subjects don't really belong here, even in the general discussion area.
van p
Fanatic
Fanatic
Posts: 167
Joined: Thu, 19 Nov 2015, 07:15
Location: Cincinnati, OH, U.S.A.

Re: Ccleaner compromised - check what version you're using!

Postby van p » Fri, 22 Sep 2017, 06:29

Thanks to John connor and helloimustbegoing. I'll look into both those products.
Windows 10 Pro x64 v1709 | Pale Moon v27.7.2 x64

User avatar
Tomaso
Astronaut
Astronaut
Posts: 713
Joined: Thu, 23 Jul 2015, 16:09
Location: Norway

Re: Ccleaner compromised - check what version you're using!

Postby Tomaso » Fri, 22 Sep 2017, 22:53

CCleaner malware outbreak is much worse than it first appeared:
https://arstechnica.com/information-tec ... -appeared/
Now that it's known the CCleaner backdoor actively installed a payload that went largely undetected for more than a month, Williams renewed his advice that people who installed the 32-bit version of CCleaner 5.33.6162 or CCleaner Cloud 1.07.3191 reformat their hard drives.
He said simply removing the stage-one infection is insufficient given the proof now available that the second stage can survive and remain stealthy.

User avatar
satrow
Forum staff
Forum staff
Posts: 1527
Joined: Thu, 08 Sep 2011, 11:27

Re: Ccleaner compromised - check what version you're using!

Postby satrow » Sat, 23 Sep 2017, 00:14

Tomaso wrote:CCleaner malware outbreak is much worse than it first appeared:...


Sure it is, for at least 20 computers all belonging to 8 of those 20 companies listed, over the last 4 days out of the 31 that the server was active. No computers from outside of that select group of companies are known to have been infected.

So for some 2-300, maybe more, maybe less, out of the ~3,000,000 machines that visited, most likely all from those same 20 companies, it's much worse.

For the vast majority of infected x86 machines, they're in exactly the same position as they were in before these latest revelations - they don't have the secondary infection.

Eye-catching headline though.


Return to “General discussion”

Who is online

Users browsing this forum: Moz [Crawler] and 6 guests