CCleaner hack

Image
Need help with your PC hardware or software? Ask for it here
User avatar
DarkDeamon
Vice Admiral
Vice Admiral
Posts: 2412
Joined: Sun Mar 08, 2009 12:39 pm
Gender: Male
Location: Over the hills and far away
Contact:

CCleaner hack

Post by DarkDeamon » Fri Sep 22, 2017 9:23 am

The hack is actually a very sophisticated hack and much worse than first thought.
If you have CCleaner installed and updated it between 1 Aug - 15 Sep or you did a fresh install between those dates then you need to format & reinstall your pc as there is a very high chance you have malware on your system that can't be detected or stopped by your AV

https://arstechnica.com/information-tec ... red/?amp=1
aka EvilB@stard
Insurgency Config maniac
Putting my hacks on your PC :devil:

User avatar
BillBailey
Vice Admiral
Vice Admiral
Posts: 3344
Joined: Sat Apr 19, 2008 3:22 pm
Gender: Male
Facebook: https://www.facebook.com/bill.bailey.9212301
Location: Birmingham

Re: CCleaner hack

Post by BillBailey » Fri Sep 22, 2017 9:46 am

Check which version you have.
32-bit version of CCleaner 5.33.6162 or CCleaner Cloud 1.07.3191 affected

User avatar
warlock359205
Warrant Officer
Warrant Officer
Posts: 1038
Joined: Mon Apr 06, 2009 8:34 pm
Gender: Male
Location: portsmouth uk

Re: CCleaner hack

Post by warlock359205 » Fri Sep 22, 2017 9:52 am

don't use it myself
Image

User avatar
Ztranier
Warrant Officer
Warrant Officer
Posts: 487
Joined: Tue Apr 18, 2017 3:06 pm
Gender: Male
Steam: =EBS= Ztranier [DPT]/ http://steamcommunity.com/profiles/76561198008007768/
Location: Düsseldorf/ GER

Re: CCleaner hack

Post by Ztranier » Fri Sep 22, 2017 10:04 am

thx DarkD if Gott the free Version of ccleaner, but the Version is older than u posted and i didn´t make any update the last 2 months.
i have deinstalled that on from my Systhem.
have u got an idea which free av and cleaning Programm one should use Sirs?

User avatar
DarkDeamon
Vice Admiral
Vice Admiral
Posts: 2412
Joined: Sun Mar 08, 2009 12:39 pm
Gender: Male
Location: Over the hills and far away
Contact:

Re: CCleaner hack

Post by DarkDeamon » Fri Sep 22, 2017 10:34 am

Bill, if the software has auto-updated at any point during Aug, you could be showing the new version but still be infected.

Ztranier, unfortunately, you get what you pay for and I don't rate any of the free AV programs for proper protection though malwarebytes is good at clearing off traditional AV infections.

The threat landscape is now changing hugely. The new generation of viruses reside in memory and don't touch the HDD so can't be detected by traditional AV. They work by subverting traditional running processes and modify them in ways that AV can't detect.

It's now possible to be infected just by browsing a website displaying an infected as, you don't even need to click on the add. If your device is vulnerable, it will subvert the browser process in memory and use the system account to run other processes in the background to give them more control of your device.

For non-corporate users there is no AV that can protect from this type of attack. Your best option is use ghostery in your browser to block ads.

The other twist in the hackers game is the subversion of genuine software, putting a nasty payload into trusted software by hacking the software developer. Happened with that Ukrainian accounting software a while back and now this. We're going to see it happen more and more!!
aka EvilB@stard
Insurgency Config maniac
Putting my hacks on your PC :devil:

User avatar
TokaiTele
Warrant Officer
Warrant Officer
Posts: 118
Joined: Tue Dec 22, 2015 7:26 pm
Gender: Male
Steam: http://steamcommunity.com/profiles/76561198028417860/
Location: Earth

Re: CCleaner hack

Post by TokaiTele » Fri Sep 22, 2017 10:42 am

ZTranier: I use Bitdefender free for real-time protection https://www.bitdefender.co.uk/solutions/free.html
SuperAntispyware for on-demand http://www.superantispyware.com/downloa ... PYWAREFREE
Malware Antimalware for on demand https://www.malwarebytes.com/

This combination is perfect.

My advice is run a Virtual Machine such as VirtualBox https://www.virtualbox.org/wiki/Downloads and install Linux Mint https://linuxmint.com/download.php

Only run Windows when you want to game. You can set virtualbox up to run very smoothly. I'm currently using it in a software development environment and it is just as fast as my 'normal' rig.

Any questions just ask.

User avatar
BillBailey
Vice Admiral
Vice Admiral
Posts: 3344
Joined: Sat Apr 19, 2008 3:22 pm
Gender: Male
Facebook: https://www.facebook.com/bill.bailey.9212301
Location: Birmingham

Re: CCleaner hack

Post by BillBailey » Fri Sep 22, 2017 10:50 am

Dark, I haven't updated it since avast bought it. Plus I hardly ever let software auto update.

User avatar
TokaiTele
Warrant Officer
Warrant Officer
Posts: 118
Joined: Tue Dec 22, 2015 7:26 pm
Gender: Male
Steam: http://steamcommunity.com/profiles/76561198028417860/
Location: Earth

Re: CCleaner hack

Post by TokaiTele » Fri Sep 22, 2017 11:16 am

An update. I've noticed that Bitdefender has blocked several backdoor agents and trojans - in real-time - from CCleaner!! Uninstall it now!!!! Probably best to format the drive but I'm fairly certain Bitdefender has protected me. I strongly recommend using this software.

User avatar
DarkDeamon
Vice Admiral
Vice Admiral
Posts: 2412
Joined: Sun Mar 08, 2009 12:39 pm
Gender: Male
Location: Over the hills and far away
Contact:

Re: CCleaner hack

Post by DarkDeamon » Fri Sep 22, 2017 11:29 am

Unfortunately Bill, that leaves you wide open. Updates are critical as most updates are there to fix security vulnerabilities that the hackers are using.
It's a sad fact that if your device is connected to the internet, it needs a good AV and the latest patches, otherwise you are likely to become a statistic bloody quick.
I've recently stood up two incredibly hardened Linux web servers facing the internet in work. There is no external DNS entry for them yet, so you can't access from outside. The servers were actively attacked within 60 minutes & are getting over 400k visits a day. All the site is is a single PHP page with our company logo.
I also spend a chunk of my week going through the phishing emails we receive and blocking access to the hacked website the phishers are trying to redirect you to in their links. I contact the website before I block them and let them know whats happening on their site. On a quite week, I block 50 sites and I think the max has been just shy of 500.
The websites are usually using some form of CMS that's not been patched (hate WordPress with a fucking passion)
aka EvilB@stard
Insurgency Config maniac
Putting my hacks on your PC :devil:

User avatar
BillBailey
Vice Admiral
Vice Admiral
Posts: 3344
Joined: Sat Apr 19, 2008 3:22 pm
Gender: Male
Facebook: https://www.facebook.com/bill.bailey.9212301
Location: Birmingham

Re: CCleaner hack

Post by BillBailey » Fri Sep 22, 2017 11:38 am

Dark, my gaming PC is used for just that. My laptop however has all the protection.

Post Reply

Who is online

Users browsing this forum: No registered users and 1 guest