Hughesnet Community

PSA for CCleaner users!!

cancel
Showing results for 
Search instead for 
Did you mean: 
Amanda
Moderator

PSA for CCleaner users!!

Hackers Hid Backdoor In CCleaner Security App With 2 Billion Downloads -- 2.3 Million Infected

 

Read more:

https://www.forbes.com/sites/thomasbrewster/2017/09/18/ccleaner-cybersecurity-app-infected-with-back...

 

 

Tom's Hardware article link (less "junky"): http://www.tomshardware.com/news/avast-unknowingly-bundled-malware-ccleaner,35477.html   ---Thanks @C0RR0SIVE

 

 

Just uninstalled it from my phone, I used it as a quick way to uninstall apps and clear cache. Uninstalling from my PC as soon as I get home today!

~Amanda

 

17 REPLIES 17
BirdDog
Assistant Professor

Thanks Amanda! Luckily I didn't have the infected versions installed, hadn't updated it in awhile.

I used this for a very long time because I thought it was easier to just have a tool do for me what I could do in a few different built-in accessories for Windows. I'd rather do it all by hand than keep something I know might be comprimised again, especially with the threat of keyloggers and whatnot. 

Wow... Good to know.

 

Things like this is the single reason why I've avoided the temptation to use things like password utilities (like 1password) and such. That, and cloud-based things that make apps hand-off friendly.

 

All nice ideas, but as we know, that road is always paved with good intentions and someone's always out there looking for an exploit.


* Disclaimer: I am a HughesNet customer and not a HughesNet employee. All of my comments are my own and do not necessarily represent HughesNet in any way.

Massive kudos to ClamAV.

Untitled.jpeg


* Disclaimer: I am a HughesNet customer and not a HughesNet employee. All of my comments are my own and do not necessarily represent HughesNet in any way.

Thanks @C0RR0SIVE I just grabbed the link off twitter, didn't realize it had so much junk on it without adblock/ublock origin on. 

Have seen some reports where the malware reports to something in the 216.126.x.x range.
Would not surprise me if it's ServerCrate, which uses 216.126.224.0 - 216.126.239.255 in my spam ID list.

 


* Disclaimer: I am a HughesNet customer and not a HughesNet employee. All of my comments are my own and do not necessarily represent HughesNet in any way.
GabeU
Distinguished Professor IV

Wow!  I got really nervous as I have CCleaner on all three of my machines, and they all had version 5.33, as well.  It wasn't until I read that it was only concerning the 32 bit versions that I felt a little relief.  Still, I've made sure to have all of my AV/AM software, including Malwarebytes, up to date and have completed scans.  I also downloaded and ran deep scans with both the Malicious Software Removal Tool and the Safety Scanner from Microsoft (not that they would really pick it up, anyway).  

 

Just last month I was reading complaints and speculations on another board about CCleaner now being owned by Avast and how things may change.  This doesn't bode well.   

Doesn't bode well for Avast, nor Symantec, whose certificates were compromised.


* Disclaimer: I am a HughesNet customer and not a HughesNet employee. All of my comments are my own and do not necessarily represent HughesNet in any way.

Marked decrease in spam in the last 12 hours. Amazing how that works...

All of a sudden all of the open relays get shut down after a mass security panic.

You'd think they'd be doing regular checks.


* Disclaimer: I am a HughesNet customer and not a HughesNet employee. All of my comments are my own and do not necessarily represent HughesNet in any way.

National Cyber Awareness System:

 

09/19/2017 01:44 PM EDT

Original release date: September 19, 2017

Piriform, a subsidiary of Avast, has released CCleaner 5.34 and has pushed v1.07.3214 to CCleaner Cloud users. These versions do not contain the Floxif malware found in the 32-bit versions of CCleaner 5.33.6162 and CCleaner Cloud 1.07.3191. Floxif malware collects information from the victim's system and can download additional malware to the system.

US-CERT encourages users and administrators to review the Piriform Security Notification and apply the necessary update.

 

GabeU
Distinguished Professor IV


@MarkJFine wrote:

Marked decrease in spam in the last 12 hours. Amazing how that works...

All of a sudden all of the open relays get shut down after a mass security panic.

You'd think they'd be doing regular checks.


No doubt.  I was somewhat shocked at the very small amount of spam I received around the time of the announcement, but, unfortunately, it looks like it's back to normal.  

In the last 28 hours I've recieved over 60 spam emails.  Ugh.  

 

My trap had been filtering about 60-70/day until the past couple of days.

Today: only 32, and mostly from Alibaba/Chinanet/China Unicom. The rest mostly from onesy-twosy zombies.

That's pretty significant.


* Disclaimer: I am a HughesNet customer and not a HughesNet employee. All of my comments are my own and do not necessarily represent HughesNet in any way.
OldGuyShredsToo
New Poster

That's what you  get with FREE software!!

This is a pretty old topic now... No, this isn't what you get with some free software, there are tons of products out there that are free (and in some cases can be purchased for more features) that work amazingly well... Sometimes a bad egg hatches and the good software dies off for good, other times someone makes a bad decision then notices it backfire.

Good Stuff that has stayed decent over time:
Malware Bytes
CCleaner (Just a small hiccup...)
HiJackThis
ATTO
Skype
TeamViewer
HWMonitor
CPU-Z
3dMark
DropBox

Things that went to absolute crap!
Anything owned by Lavasoft
Anything owned by Lavalys
Photobucket
SpyBot S&D (not sure what happened to them, Malwarebytes just kicked their **bleep**)



Photobucket was a funny one... Consumer backlash was rather massive on twitter, facebook, and everywhere else that they had a Social PR presence, it got to the point that it seems Photobucket killed PR entirely and stuck to their guns going from a free offering to a $50 offering, that suddenly was only available on a $400 offering.  The idiots never learned and Photobucket is nearly dead now.  Ranked very highly on Alexa (Top 100), they are now at almost 3000, and falling rapidly.

GabeU
Distinguished Professor IV


@C0RR0SIVEwrote:

Things that went to absolute crap!
Anything owned by Lavasoft
Anything owned by Lavalys
Photobucket
SpyBot S&D (not sure what happened to them, Malwarebytes just kicked their **bleep**)

Photobucket was a funny one... Consumer backlash was rather massive on twitter, facebook, and everywhere else that they had a Social PR presence, it got to the point that it seems Photobucket killed PR entirely and stuck to their guns going from a free offering to a $50 offering, that suddenly was only available on a $400 offering.  The idiots never learned and Photobucket is nearly dead now.  Ranked very highly on Alexa (Top 100), they are now at almost 3000, and falling rapidly.


I used to use Adaware and Spybot S&D years ago.  At the time they were the best free programs/apps for adware and spyware.  It's interesting how things change like that over time.  

 

Photobucket:  They're getting exactly what they deserve, the jerks.  To throw so many people out into the cold like that, and so suddenly?  SMH.  

maratsade
Distinguished Professor IV

I used to use Spybot S&D.  It was fantastic.