List of installed software, including Windows updates.The malicious software was programmed to collect a large number of user data, including: “The encoded information was subsequently submitted to an external IP address .x (this address was hardcoded in the payload, and we have intentionally masked its last two octets here) via a HTTPS POST request.” “All of the collected information was encrypted and encoded by base64 with a custom alphabet,” says Paul Yung, V.P. Moreover, the unknown hackers signed the malicious installation executable (v5.33) using a valid digital signature issued to Piriform by Symantec and used Domain Generation Algorithm (DGA), so that if attackers’ server went down, the DGA could generate new domains to receive and send stolen information. Earlier this year, update servers of a Ukrainian company called MeDoc were also compromised in the same way to distribute the Petya ransomware, which wreaked havoc worldwide.Īvast and Piriform have both confirmed that the Windows 32-bit version of CCleaner v and CCleaner Cloud v were affected by the malware.ĭetected on 13 September, the malicious version of CCleaner contains a multi-stage malware payload that steals data from infected computers and sends it to attacker’s remote command-and-control servers. This incident is yet another example of supply chain attack. Security researchers from Cisco Talos discovered that the download servers used by Avast to let users download the application were compromised by some unknown hackers, who replaced the original version of the software with the malicious one and distributed it to millions of users for around a month. Ultimately, Avast is a business looking to make money, and to recoup the outlay it spent on buying Piriform, but plenty of users are unhappy with the direction their favorite cleaning tool is taking and it's easy to see why.ĭo you still use CCleaner? Are you annoyed by what Avast has done with it? Sound off in the comments below.If you have downloaded or updated CCleaner application on your computer between August 15 and September 12 of this year from its official website, then pay attention - your computer has been compromised.ĬCleaner is a popular application with over 2 billion downloads, created by Piriform and recently acquired by Avast, that allows users to clean up their system to optimize and enhance performance. It's clear from what's said in the quote above that Avast plans to push more advertising messages to users in the future, and I wouldn't be surprised if we don't see Avast Antivirus bundled with CCleaner again at some point. You can manage this in the 'Cookies to Keep' list of the Options > Cookies menu. For this reason these cookies have been whitelisted by default. Just be aware that if you clean these cookies you will see certain messages with much greater frequency than if the cookie was there. We will be using the dynamic messaging system extensively in future releases to help us run tests for the UI. It’s a one-time ad, although as Techdows points out, if you remove cookies set by CCleaner, you will see the messages again. In CCleaner 5.43, Avast updated its privacy policy to keep it in line with GDPR, and also added new privacy settings, but initially only allowed Professional users to opt-out of data usage sharing with third parties.Īnd now in the latest version of the software, CCleaner 5.44, there’s an annoying popup Summer Sale message. If you’ve installed the system cleaning software recently, you’ll no doubt have noticed that it came bundled with Avast Antivirus.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |