Malware found in official Ccleaner installers

Transhumana

Level 6
Verified
Well-known
Jul 6, 2017
271
why? what kind of magic do you think it does to your computer? ccleaner is the epitome of snake oil happily & willingly lapped up by users.

Before I shut my computer down at the end of the day I like it to clean all the temporary internet files, cache and leftover files from uninstalled programs. I also occasionlly use it to manage startup programs and scheduled tasks. So no, I don't expect any magic at all, only to do what it's supposed to do. :)
 
Last edited:

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
The other puzzling thing is that no one's computer actually got hurt by this malware. The backdoor was never used to download and run malicious code, or so they say in the article.
Makes me think that it was a spy job, not a malware job.
 

Evjl's Rain

Level 47
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
it's not easy to find a better alternative than CCleaner+CCEnhancer
other alternatives usually clean different things and they complement each others

the solution now is to keep CCleaner and block all the out/inbound connections of ccleaner and its related processes
 

Kuttz

Level 13
Verified
Top Poster
Well-known
May 9, 2015
625
Holly f*** i was using exactly the 5.33 version till now and neither Bitdefender or Kaspersky AV flagged the Ccleaner as malware ?! :eek: Anyway uninstalled the software and needs to look for an alternative. I actually had a silent dislike towards Ccleaner for the past few months for no specific reasons despite I continued using it and my intuition and dislike towards the software was genuine!
 

paulderdash

Level 6
Verified
Well-known
Apr 28, 2015
271
5.33 Slim installer ...
 

Attachments

  • 2017-09-18_153414.jpg
    2017-09-18_153414.jpg
    71.9 KB · Views: 389

SHvFl

Level 35
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Nov 19, 2014
2,342
The other puzzling thing is that no one's computer actually got hurt by this malware. The backdoor was never used to download and run malicious code, or so they say in the article.
Makes me think that it was a spy job, not a malware job.
What i can guess happened is that the file was unsigned left on a server to get signed, someone had access to the server and added a malware downloader to the real release. The person signing the software just grabbed the version from the server and signed it(must only had access to 32 bit or the 64 version was again updated after he accessed it. The malware author had to wait for a fair amount of time for all people to get it and then push the malware download to all computers with the affected version. Ccleaner team identified the breach before that and took down the server and issued an update to the program.
This is me guessing.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top