The Horror of CCleaner
[QUOTE="cruelsister, post: 676107, member: 7463"]
Hi Fede! The issue with the 2nd opinion scanners was that they only detected this thing after the MD5 was released by Cisco/Talos.

I did a video (unpublished because I didn't think anyone would care) testing the big three (MB, HMP, Zemana) against the most common CCleaner malware and was surprised that even after 30 days only 1 of the 3 detected the malware, and none detected the reg entry.

Also, I keep reading that some folk think they would never have an issue with stuff like this as they would deny Network access to it. Although quite true in this case, understand that other software may require Internet access to work. Consider that the Group (this was no script Kiddie malware!) needed to acquire BOTH the Private Signing key to legitimize the false CCleaner as well as getting the FTP credentials to upload the malware to the Server. Getting either of these things is not easy or inexpensive.

Fortunately Peasants like us would never be bothered by such high quality stuff - as soon as those responsible detected that we were just plain folk the secondary malware would never have been uploaded to our systems. This malware was created for Corporate Espionage, but could also be used for Military Cyber Attacks. But still we should not feel good that we as individuals would have been unaffected. Personally I would rather have my personal info stolen than living in a Country where the Defense C&C Servers were taken down as the missiles fly in, or having the Electrical Grid crash as the Tanks barrel across the border (btw, this was the rationale of why the US questions the use of K in critical infrastructure. Thank God there are FINALLY Ears that Hear and Minds that actually Think).
[/QUOTE]