Malware found in official Ccleaner installers

Marko :)

Marko :)

Level 23
Verified
Top Poster
Well-known
Aug 12, 2015
1,263
conceptualclarity said:
Hello Malware Tips pals. I was away when this happened. I don't have to go through 13 pages of discussion. Could somebody catch me up?

[OOPS--a preliminary draft posted!]

I want to know just who were all the true heroes in this matter.(Obviously I don't include ClamAV doing its usual meaningless ritual of flagging everything.)

How did a wretched episode like this come about? How tainted do people feel Avast is by this?

I've had a long practice of running all my downloads past Virus Total. Would that have helped here?



I've been downloading and installing CCleaner regular installer updates for years without ever encountering any piggyback programs, despite what ESET has been saying.
Click to expand...
Basically, CCleaner v5.33 was hacked by someone and before releasing the final product. Someone added the malicious line of code which sends user data to unknown server. Soon, when Piriform (Avast) crew found out, they shut down the server, they have updated the CCleaner and released a statment about the incident. In statement, they said, that CCleaner was hacked before Avast purchased Piriform and that they have strong evidence about it and, of course, that there's investigation going on.

Only 32-bit version of program was affected and it's recommended to make clean installation of OS.
 
  • Like
Reactions: JB007, spaceoctopus, Andrew999 and 2 others
JB007

JB007

Level 26
Verified
Top Poster
Well-known
May 19, 2016
1,580
Vivek J. Mundkur said:
Ah! Now that explains why. My installer does not include the Google Toolbar. :) So naturally no red/yellow flags by an AV/AM. But I do agree it may be considered by a PUP by not only an AV company but some users too.
Click to expand...
Hello,
Where can I find this installer without the Google Toolbar ?
 
conceptualclarity

conceptualclarity

Level 21
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Aug 23, 2013
1,076
Marko :) said:
Only 32-bit version of program was affected and it's recommended to make clean installation of OS.
Click to expand...

Fortunately I didn't download that particular update.

JB007 said:
Hello,
Where can I find this installer without the Google Toolbar ?
Click to expand...

Hey, Google Toolbar wasn't bad at all. But isn't it dead as a doornail? Google isn't interested in it because it was something they made for Internet Explorer and Firefox before they started up their own Chrome browser, at which point they lost interest in enhancing Internet Explorer and Firefox. IE especially needed it, with no extension store.

I have been downloading CCleaner from the Piriform site for a long time and have never encountered a bundled program.
 
  • Like
Reactions: harlan4096, JB007 and Marko :)
TairikuOkami

TairikuOkami

Level 37
Verified
Top Poster
Content Creator
Well-known
May 13, 2017
2,638
JB007 said:
Where can I find this installer without the Google Toolbar ?
Click to expand...
CCleaner - Builds

Slim version is usually released 1-2 weeks after the standard version.

conceptualclarity said:
I have been downloading CCleaner from the Piriform site for a long time and have never encountered a bundled program.
Click to expand...
Not sure, why it is sometimes offered and sometimes not. I have seen it, when I have upgraded, but not after uninstalling CCleaner and installing it again using the same installer. But if you unpack the standard version, you can see Chrome and Toolbar installers there, with the HTML offers in various languages.
 

Attachments

  • capture_11252017_184003.jpg
    capture_11252017_184003.jpg
    189 KB · Views: 316
  • Like
Reactions: harlan4096, R2D2, Marko :) and 1 other person
JB007

JB007

Level 26
Verified
Top Poster
Well-known
May 19, 2016
1,580
conceptualclarity said:
Fortunately I didn't download that particular update.



Hey, Google Toolbar wasn't bad at all. But isn't it dead as a doornail? Google isn't interested in it because it was something they made for Internet Explorer and Firefox before they started up their own Chrome browser, at which point they lost interest in enhancing Internet Explorer and Firefox. IE especially needed it, with no extension store.

I have been downloading CCleaner from the Piriform site for a long time and have never encountered a bundled program.
Click to expand...

TairikuOkami said:
CCleaner - Builds

Slim version is usually released 1-2 weeks after the standard version.


Not sure, why it is sometimes offered and sometimes not. I have seen it, when I have upgraded, but not after uninstalling CCleaner and installing it again using the same installer. But if you unpack the standard version, you can see Chrome and Toolbar installers there, with the HTML offers in various languages.
Click to expand...

Thanks @conceptualclarity and @TairikuOkami for your help:)
 
  • Like
Reactions: R2D2, TairikuOkami and Marko :)
You must log in or register to reply here.

Similar threads

Viking
    • Like
    • Wow
    • Sad
CCleaner confirms data breach via MOVEit attack
Replies
23
Views
3,876
News Archive
Sorrento
Sorrento
Gandalf_The_Grey
    • Like
    • Hundred Points
Malware News LightSpy: Implant for iOS
Replies
0
Views
762
Security News
Gandalf_The_Grey
Gandalf_The_Grey
lokamoka820
    • Like
    • +Reputation
New Update openSUSE Leap Micro 6.0 Launches with Self-Install and Full Disk Encryption Images
Replies
1
Views
141
ChromeOS & Linux
Bot
Bot

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top