What Do You Think About What Happened With CCleaner And Other Software Programs

What Do You Think About What Happened With CCleaner And Other Software Programs?

  • We Know, But This Is Too Much Drama

  • From Time To Time We Need Something Like This To Open Our Eyes

  • I'm Glad This Has Happened Because We Trust Too Many Vendors (It is not important which company is)

  • Too Much Information From Too Many Tech Sites (But Nothing Good And Or Specific)

  • Other (Please Explain Your Opinion Below In Comments)

Results are only viewable after voting.
Exterminator

Exterminator

Level 85
Verified
Top Poster
Well-known
Oct 23, 2012
12,527
I would not say "I'm glad this has happened" but it does remind us the need to remain educated and vigilant about what we allow on our PC's and Mobile devices.
Unfortunately this is not the first and probably won't be the last incident such as this.
Obviously all incidents aren't the same but I am speaking in general terms.
 
  • Like
Reactions: Behold Eck, Daljeet, spaceoctopus and 15 others
A

Arequire

Level 29
Verified
Top Poster
Content Creator
Feb 10, 2017
1,822
L S said:
Yes, of course I am not happy with what happened, but it will open our eyes for some time ....... after a while we will all be back in our comfortable zone.
Click to expand...
Unfortunately while it may have opened our eyes to the implicit trust we give vendors, ultimately there's very little we can do about it. We're dependent on them to properly secure their own network and what they distribute. It's especially embarrassing for Avast who's mantra is keeping us safe and secure online. CCleaner today but who knows what else could be compromised; who's to say we don't see malware-laden Windows updates in the future, and all we can do is cross our fingers and hope.
 
  • Like
Reactions: Behold Eck, Daljeet, spaceoctopus and 6 others
D

Deleted member 178

Too much paranoia and fear, understandable from Average Joe with limited security skills, more facepalming from those skilled enough.
If you have a decent knowledge and skill about security, you won't even be bothered, you would knew that this will not affect you much.

However this kind of attack prove that if you are targeted, you have very few chances to prevent damages.
 
  • Like
Reactions: Behold Eck, Daljeet, Venustus and 10 others
ElectricSheep

ElectricSheep

Level 14
Verified
Top Poster
Well-known
Aug 31, 2014
655
Umbra said:
Too much paranoia and fear, understandable from Average Joe with limited security skills, more facepalming from those skilled enough.
If you have a decent knowledge and skill about security, you won't even be bothered, you would knew that this will not affect you much.

However this kind of attack prove that if you are targeted, you have very few chances to prevent damages.
Click to expand...

Good point indeed! I was a CCleaner user, but the x64 version so dodged the bullet. Dumped it and switched to Wise Care 365 instead:cool:
 
  • Like
Reactions: Behold Eck, L S, frogboy and 9 others
cruelsister

cruelsister

Level 43
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,224
Personally malware such as this has me shaking in my boots. Consider:

1). They (Axiom) had FTP credentials to upload the malware to the CCleaner server,
2). They had access to credentials to sign it,
3). It had a sleep function to avid initial detection by traditional security routines.
4). It connected to the Blackhat C&C only ONCE (so no persistence- which means that detection possibility is way low).
5). If that sever was down, it would connect to another at some point in the future.

Talos lucked out big time in detecting this one. Although registry entries were dropped, these were deemed malicious only after the malware activity was detected- and this could only be seen in a network monitoring application (the eventual one-time connection to the 216 server).

And for those that think that only Ccleaner could possibly be involved, all I can say is that it must be comforting to be so innocent.
 
  • Like
Reactions: Handsome Recluse, simmerskool, Behold Eck and 18 others
_CyberGhosT_

_CyberGhosT_

Level 53
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Aug 2, 2015
4,286
Man oh man, I forgot and it had no net access seeing I had all "Deny rules" for it in WFC but, I had Speccy installed,
"had" being the operative word there :)
It's a Piriform product, so for now I am trashing it, cleaned the registry of all "Piriform" related entries.
Sad to see Piriform going through this.
They sold, just before this broke, I wonder if knowing this was on the horizon Piriform knew the implications and damage
it would do, and decided to sell and do it quickly, if you look at the details it is clearly possible.
All it would have taken is for one employee to go "ohh crap look at what I found".
 
Last edited:
  • Like
Reactions: Behold Eck, L S, frogboy and 4 others
spaceoctopus

spaceoctopus

Level 16
Verified
Top Poster
Content Creator
Well-known
Jul 13, 2014
766
  • Like
Reactions: Handsome Recluse, L S, frogboy and 6 others
Plebman123

Plebman123

Level 2
Verified
Aug 30, 2017
69
I also would say Im not glad for this to happen but, we trust too many vendors into our PC,etc and they could backlash on us and yes they would be in trouble, but the damage it would do is massive, and it opens our eyes to how people can do damage, and get into even the most trusted programs/vendors. Was it right for them to do it? No. But it shows us what people can do and anyone can get around anything :notworthy:
 
  • Like
Reactions: Behold Eck, L S, frogboy and 1 other person
F

ForgottenSeer 58943

Exterminator said:
I would not say "I'm glad this has happened" but it does remind us the need to remain educated and vigilant about what we allow on our PC's and Mobile devices.
Unfortunately this is not the first and probably won't be the last incident such as this.
Obviously all incidents aren't the same but I am speaking in general terms.
Click to expand...

I suspect this happens all of the time and is ongoing but most of the time undiscovered. For example in the Hacker Deterrent thread it was appearing like Trend Micro's update process was hijacked.

I think it's the tip of the iceberg. Now that people know what to look for, it's only the beginning.
 
  • Like
Reactions: Handsome Recluse, Behold Eck, L S and 3 others
F

ForgottenSeer 58943

gorblimey said:
I ticked "Other"... I remember Sony, HBO... Avast had its forum cracked... The Democrats' email server... I think too many people are scared of a little paranoia in their professional lives.
Click to expand...

Equifax now the SEC.. The HBO hack seems to be attributed to CCleaner as HBO used CCleaner Cloud and the exact time GoT episode got leaked was when this CCleaner crap was happening. Coincidental? Doubt it.

I changed much of my security protocols a few months back during the Hacker Deterrent episode so I was basically well positioned and already expecting something like the Ccleaner thing to erupt. Ironically, it was around the Hacker Deterrent time I ceased using CCleaner-Cloud and cancelled my subscription outright, without a refund. Call it a hunch I guess.. Since then, I've hardened everything to a greater extent and I no longer disclose all of that. But I am always open to move hardening should the need arise.
 
  • Like
Reactions: L S and Daljeet
gorblimey

gorblimey

Level 3
Verified
Aug 30, 2017
101
cruelsister said:
1). They (Axiom) had FTP credentials to upload the malware to the CCleaner server,
2). They had access to credentials to sign it,
Click to expand...

................................. How?

"Paranoia is only heightened awareness."

"There is no such thing as Paranoia. Your worst fears can come true at any moment." (Hunter S. Thompson)

We're here and on Wilders discussing security. Paranoia is a necessary qualification.
 
  • Like
Reactions: Behold Eck, Daljeet and Deleted member 178
R

roger_m

Level 42
Verified
Top Poster
Content Creator
Dec 4, 2014
3,136
gorblimey said:
We're here and on Wilders discussing security. Paranoia is a necessary qualification.
Click to expand...
It's not necessary at all. I care about a lot about security not and never been even the slightest bit paranoid. I don't use CCleaner personally, but if I did and had installed the compromised version, I would have just updated to the new clean version, and not worried.
 
  • Like
Reactions: Handsome Recluse, Behold Eck, Daljeet and 1 other person
You must log in or register to reply here.

Similar threads

Gandalf_The_Grey
    • Like
Security News European govt air-gapped systems breached using custom malware
Replies
1
Views
1,707
Security News
Brahman
Brahman
lokamoka820
    • Like
Serious Discussion What do you think of Browser Compartmentalization, will it offer better privacy or security?
Replies
8
Views
861
General Security Discussions
blackice
blackice
Gandalf_The_Grey
    • Like
    • +Reputation
Malware News Google: Russian FSB hackers deploy new Spica backdoor malware
Replies
1
Views
1,713
Security News
Juan2go
J

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top