CCleaner 5.35.6210

Status
Not open for further replies.

L S

Level 5
Verified
Well-known
Jul 16, 2014
215
I updated , because I already have the CCleaner version.5.34 - and now updated to v.5.35 ....... the CCleaner version.5.33 was compromised - soo ....... they who has the version.5.32 & v.5.31 & bellow if they want can wait, ....... but for me with already updated to version.5.34 it's normal & smart to update to this newer version of CCleaner v.5.35 .
 
5

509322

I updated , because I already have the CCleaner version.5.34 - and now updated to v.5.35 ....... the CCleaner version.5.33 was compromised - soo ....... they who has the version.5.32 & v.5.31 & bellow if they want can wait, ....... but for me with already updated to version.5.34 it's normal & smart to update to this newer version of CCleaner v.5.35 .

Continuing to use the old, non-malicious versions with a potentially compromised certificate isn't a best security practice.

Everyone who continues to use CCleaner should update to the version with the new cert.
 

L S

Level 5
Verified
Well-known
Jul 16, 2014
215
Continuing to use the old, non-malicious versions with a potentially compromised certificate isn't a best security practice.

Everyone who continues to use CCleaner should update to the version with the new cert.
Well ... on every Tech Site & Avast ; Piriform too - Said that only the CCleaner version 5.33 is infected - those versions bellow are Not.
- But, Yes - If you use CCleaner It's safer and wise to use the latest version - of course .
 
5

509322

Well ... on every Tech Site & Avast ; Piriform too - Said that only the CCleaner version 5.33 is infected - those versions bellow are Not.
- But, Yes - If you use CCleaner It's safer and wise to use the latest version - of course .

You're not getting it. The uninfected older versions are using potentially compromised certificates.
 
  • Like
Reactions: DJ Panda

L S

Level 5
Verified
Well-known
Jul 16, 2014
215
You're not getting it. The uninfected older versions are using potentially compromised certificates.
@Lockdown I Get It !!! ... But = ""potentially compromised certificates"" ... = does not necessarily mean that they are compromised .

P.S. - And in the previous reply I was saying they to wait a bit, not to "never" update.
- And of course the New Certificates - Are New ....
 
Last edited:
5

509322

@Lockdown I Get It !!! ... But = ""potentially compromised certificates"" ... = does not necessarily mean that they are compromised .

P.S. - And in the previous reply I was saying they to wait a bit, not to "never" update.
- And of course the New Certificates - Are New ....

Avast\Piriform is not willing to risk it therefore a new certificate was issued. Ideally, people should not use any of the old versions with the old cert.
 
  • Like
Reactions: DJ Panda

L S

Level 5
Verified
Well-known
Jul 16, 2014
215
Avast\Piriform is not willing to risk it therefore a new certificate was issued. Ideally, people should not use any of the old versions with the old cert.
Of course ....... But they do - people , they are scared to update to latest version = that's what I said/meant .......
....... misunderstanding .......
 
  • Like
Reactions: mlnevese
5

509322

Of course ....... But they do - people , they are scared to update to latest version = that's what I said/meant .......
....... misunderstanding .......

OK, now I understand. Yes, the irrational fears are rampant out there.

Sorry about the misunderstanding (forum posts are really a pain in that regard - they're so easy to misinterpret).
 
  • Like
Reactions: L S and mlnevese

roger_m

Level 41
Verified
Top Poster
Content Creator
Dec 4, 2014
3,015
The C2s weren't fully operational
CCleaner and installing avast with out permission...
The CnC server was taken down on September 15, three days after we first learned about the incident. Given how difficult these things tend to be, we consider this a very good result and I don't see how we could have done it any better. (By that time, the secondary CnC servers (the DGA domains) were already sinkholed as well, so that technically cut the attackers off their ability to control the backdoor).
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top