Information CCleaner Compromised to Gather and Transmit Information About Its Users

Not open for further replies.


Support Team
Jul 22, 2016
Piriform, the company that makes the popular CCleaner application, just announced that their application was hijacked and used to gather information about its users and send it to an unknown party.


Hackers usually prefer to penetrate insufficiently secured servers and get the data they want in that manner, but that usually means that webmasters and programmers were not doing their job. Compromising the code for an application to gather information about users’ devices before that app is distributed is on a different level.

Piriform hasn’t said anything about how their systems were penetrated or how the executable was modified before launch, but they did reveal everything that’s been going on, and it’s not a pretty sight. In fact, if you read the short description of the event, it’s even more terrifying.

“An unauthorized modification of the CCleaner.exe binary resulted in an insertion of a two-stage backdoor capable of running code received from a remote IP address on affected systems,” wrote Paul Yung, VP for Products at Piriform.

More information
The gift that just keeps giving.

CCleaner malware targeted internal networks at Google, Microsoft, and Samsung

More sophisticated than your average malware


The malware attack on Windows utility CCleaner may have been more targeted and sophisticated than it seemed. In the days since the attack was announced, researchers have been poring through data from a seized command and control center, finding evidence that the attackers were using the compromise to target some of the world’s most powerful tech companies.

New posts from Avast and Cisco’s Talos research group detail the findings, as first reported by Wired. At the time the server was seized, the attackers were targeting a string of internal domains with a second-stage payload, designed to collect data and provide persistent access to any infected device.


Domains targeted by the CCleaner malware.

The list of domains, published by Talos, reveals a number of major tech companies. “” is an internal domain for Windows developers, while appears to be the internal Gmail instance for Google employees. Other targets include Sony, Samsung, Intel, and Akamai. The domains also include a German slot machine company and major telecoms in Singapore and the United Kingdom.

Read more here...