Someone created a hole and forgot to exploit it apparently
Luckily for many
So the embedded malware was there, but didn't do anything since other parts upon which it was dependent were broken or nonoperational. The backdoor was "Dead on Arrival."
- The Domain generation algorithm was botched
- The C2s weren't fully operational
And even then the malicious potential existed only for 32-bit installs.
Use the slim version, without the toolbar
It is curious when you compare the reaction to the compromised CCleaner to that of the recent Eternal Blue\Double Pulsar exploits.Luckily for many
Not the best idea - since you should assume that the old digital cert is fully compromised. Likelihood anything would become of it ? Probably close to 0, but still, it isn't best security practice to keep using it.As for me it is better to wait. The old portable version I use works fine. I also have a dr kerish installed to perform system maintenance.
I agree, but it's still early to do statistics. People usually freak out after the smoke clears...Compromised CCleaner had\has the potential to be 100X worse than EB\DB. The number of compromised systems could have turned out to be a staggering number. It is right up there as a worst-case scenario. However, compared to EB\DB, "CCleaner Crisis" is generating only a fraction of the user concern.
Perhaps, but from my general observation this one is flying right over their heads. Sort of like that "Deer in the headlights" look after they say "Wow ? or Huh ?..."I agree, but it's still early to do statistics. People usually freak out after the smoke clears...
Avast and Piriform both fully comprehend what this compromise can do to them and what is required of them to resolve the matter.It's enough to once discover a hole, later it's hard to believe them.