What Do You Think About What Happened With CCleaner And Other Software Programs?

  • We Know, But This Is Too Much Drama

  • From Time To Time We Need Something Like This To Open Our Eyes

  • I'm Glad This Has Happened Because We Trust Too Many Vendors (It is not important which company is)

  • Too Much Information From Too Many Tech Sites (But Nothing Good And Or Specific)

  • Other (Please Explain Your Opinion Below In Comments)

Results are only viewable after voting.

Exterminator

Community Manager
Verified
Staff member
I would not say "I'm glad this has happened" but it does remind us the need to remain educated and vigilant about what we allow on our PC's and Mobile devices.
Unfortunately this is not the first and probably won't be the last incident such as this.
Obviously all incidents aren't the same but I am speaking in general terms.
 

Arequire

Level 23
Verified
Content Creator
Yes, of course I am not happy with what happened, but it will open our eyes for some time ....... after a while we will all be back in our comfortable zone.
Unfortunately while it may have opened our eyes to the implicit trust we give vendors, ultimately there's very little we can do about it. We're dependent on them to properly secure their own network and what they distribute. It's especially embarrassing for Avast who's mantra is keeping us safe and secure online. CCleaner today but who knows what else could be compromised; who's to say we don't see malware-laden Windows updates in the future, and all we can do is cross our fingers and hope.
 
D

Deleted member 178

Too much paranoia and fear, understandable from Average Joe with limited security skills, more facepalming from those skilled enough.
If you have a decent knowledge and skill about security, you won't even be bothered, you would knew that this will not affect you much.

However this kind of attack prove that if you are targeted, you have very few chances to prevent damages.
 

ElectricSheep

Level 12
Verified
Too much paranoia and fear, understandable from Average Joe with limited security skills, more facepalming from those skilled enough.
If you have a decent knowledge and skill about security, you won't even be bothered, you would knew that this will not affect you much.

However this kind of attack prove that if you are targeted, you have very few chances to prevent damages.
Good point indeed! I was a CCleaner user, but the x64 version so dodged the bullet. Dumped it and switched to Wise Care 365 instead:cool:
 

cruelsister

Level 36
Verified
Trusted
Content Creator
Personally malware such as this has me shaking in my boots. Consider:

1). They (Axiom) had FTP credentials to upload the malware to the CCleaner server,
2). They had access to credentials to sign it,
3). It had a sleep function to avid initial detection by traditional security routines.
4). It connected to the Blackhat C&C only ONCE (so no persistence- which means that detection possibility is way low).
5). If that sever was down, it would connect to another at some point in the future.

Talos lucked out big time in detecting this one. Although registry entries were dropped, these were deemed malicious only after the malware activity was detected- and this could only be seen in a network monitoring application (the eventual one-time connection to the 216 server).

And for those that think that only Ccleaner could possibly be involved, all I can say is that it must be comforting to be so innocent.
 

_CyberGhosT_

Level 53
Verified
Trusted
Content Creator
Man oh man, I forgot and it had no net access seeing I had all "Deny rules" for it in WFC but, I had Speccy installed,
"had" being the operative word there :)
It's a Piriform product, so for now I am trashing it, cleaned the registry of all "Piriform" related entries.
Sad to see Piriform going through this.
They sold, just before this broke, I wonder if knowing this was on the horizon Piriform knew the implications and damage
it would do, and decided to sell and do it quickly, if you look at the details it is clearly possible.
All it would have taken is for one employee to go "ohh crap look at what I found".
 
Last edited:

spaceoctopus

Level 15
Verified
Content Creator

Plebman123

Level 2
I also would say Im not glad for this to happen but, we trust too many vendors into our PC,etc and they could backlash on us and yes they would be in trouble, but the damage it would do is massive, and it opens our eyes to how people can do damage, and get into even the most trusted programs/vendors. Was it right for them to do it? No. But it shows us what people can do and anyone can get around anything :notworthy:
 

Slyguy

Level 42
Verified
I would not say "I'm glad this has happened" but it does remind us the need to remain educated and vigilant about what we allow on our PC's and Mobile devices.
Unfortunately this is not the first and probably won't be the last incident such as this.
Obviously all incidents aren't the same but I am speaking in general terms.
I suspect this happens all of the time and is ongoing but most of the time undiscovered. For example in the Hacker Deterrent thread it was appearing like Trend Micro's update process was hijacked.

I think it's the tip of the iceberg. Now that people know what to look for, it's only the beginning.
 

Slyguy

Level 42
Verified
I ticked "Other"... I remember Sony, HBO... Avast had its forum cracked... The Democrats' email server... I think too many people are scared of a little paranoia in their professional lives.
Equifax now the SEC.. The HBO hack seems to be attributed to CCleaner as HBO used CCleaner Cloud and the exact time GoT episode got leaked was when this CCleaner crap was happening. Coincidental? Doubt it.

I changed much of my security protocols a few months back during the Hacker Deterrent episode so I was basically well positioned and already expecting something like the Ccleaner thing to erupt. Ironically, it was around the Hacker Deterrent time I ceased using CCleaner-Cloud and cancelled my subscription outright, without a refund. Call it a hunch I guess.. Since then, I've hardened everything to a greater extent and I no longer disclose all of that. But I am always open to move hardening should the need arise.
 
  • Like
Reactions: L S and Daljeet

gorblimey

Level 2
1). They (Axiom) had FTP credentials to upload the malware to the CCleaner server,
2). They had access to credentials to sign it,
................................. How?

"Paranoia is only heightened awareness."

"There is no such thing as Paranoia. Your worst fears can come true at any moment." (Hunter S. Thompson)

We're here and on Wilders discussing security. Paranoia is a necessary qualification.
 

roger_m

Level 24
Verified
Content Creator
We're here and on Wilders discussing security. Paranoia is a necessary qualification.
It's not necessary at all. I care about a lot about security not and never been even the slightest bit paranoid. I don't use CCleaner personally, but if I did and had installed the compromised version, I would have just updated to the new clean version, and not worried.