Hackers compromised free CCleaner software, Avast's Piriform says

PC software, internet and media related news and discussion

Hackers compromised free CCleaner software, Avast's Piriform says

Postby Blín D'ñero » 18 Sep 2017, 13:44

SAN FRANCISCO (Reuters) - Hackers broke into British company Piriform’s free software for optimizing computer performance last month potentially allowing them to control the devices of more than two million users, the company and independent researchers said on Monday.

The malicious program was slipped into legitimate software called CCleaner, which is downloaded for personal computers and Android phones as often as five million times a week. It cleans up junk programs and advertising cookies to speed up devices.

CCleaner is the main product made by London’s Piriform, which was bought in July by Prague-based Avast, one of the world’s largest computer security vendors. At the time of the acquisition, the company said 130 million people used CCleaner.

A version of CCleaner downloaded in August included remote administration tools that tried to connect to several unregistered web pages, presumably to download additional unauthorized programs, security researchers at Cisco’s (CSCO.O) Talos unit said.

Talos researcher Craig Williams said it was a sophisticated attack because it penetrated an established and trusted supplier in a manner similar to June’s “NotPetya” attack on companies that downloaded infected Ukrainian accounting software.

“There is nothing a user could have noticed,” Williams said, noting that the optimization software had a proper digital certificate, which means that other computers automatically trust the program.

In a blog post, Piriform confirmed that two programs released in August were compromised. It advised users of CCleaner v5.33.6162 and CCleaner Cloud v1.07.3191 to download new versions. A spokeswoman said that 2.27 million users had downloaded the August version of CCleaner while only 5,000 users had installed the compromised version of CCleaner Cloud.

Piriform said that Avast, its new parent company, had uncovered the attacks on Sept. 12. A new, uncompromised version of CCleaner was released the same day and a clean version of CCleaner Cloud was released on Sept. 15, it said.

The nature of the attack code suggests that the hacker won access to a machine used to create CCleaner, Williams said.

CCleaner does not update automatically, so each person who has installed the problematic version will need to delete it and install a fresh version, he said.

Williams said that Talos detected the issue at an early stage, when the hackers appeared to be collecting information from infected machines, rather than forcing them to install new programs.

Piriform said it had worked with U.S. law enforcement to shut down a server located in the United States to which traffic was set to be directed.

It said the server was closed down on Sept. 15 “before any known harm was done”.


Source (reuters.com)

I never use the program. Only back in the Windows XP era i have sometimes.
Gaming PC: * Intel i7 4790K * Noctua NH-D15S * Asus Maximus VII Hero * 32 GB Corsair Dominator Platinum CMD32GX3M4A2133C9 * 2× Sapphire Radeon R9 290 Tri-X in crossfire * Dell U3010 @ 2560 x 1600 / 60Hz * Corsair AX 1200W * 7 x WD Black HDDs * Creative Soundblaster ZxR * Asus DRW F1ST * Corsair K95 RGB * Corsair M65 PRO RGB * Steelseries 9HD * Coolermaster STC T01 * Edifier S530 * Sennheiser HD598 * Windows 7 Ultimate x64 *

Workhorse PC: * Intel i7 2700K @ 4.8 Ghz * Noctua NH-D15 * Asus Maximus IV Extreme-Z * 32 GB Corsair Vengeance Pro CMY32GX3M4A1866C9 * Sapphire HD7970 crossfire * 3 x Dell U2410 @ Eyefinity 5760 x 1200 / 60Hz * Corsair HX 1000i * 7 x WD Black HDDs * Creative Soundblaster ZxR * Optiarc AD 5240S * Steelseries 7G * Razer Imperator 2012 * Steelseries 9HD * Coolermaster STC T01 * Edifier S730D * Windows 7 Ultimate x64 *

Workhorse PC 2: * Intel i7 920 @ 3.8 Ghz * Zalman CNPS9900A LED * Asus Sabertooth x58 * 24 GB Corsair Vengeance LP 1600MHz CL9 DDR3 * Sapphire R9 280X Vapor-X * 2 x Dell U2412M @ Eyefinity 2400 x 1920 / 60Hz * Corsair HX 850W * 7 x WDC WD1002FAEX * Creative Soundblaster Z * Optiarc AD 5240S * Steelseries 7G * Razer Mamba TE * Steelseries 9HD * Coolermaster STC T01 * Logitech Z-2300 * Windows 7 Ultimate x64 *
User avatar
Blín D'ñero
Site Admin
 
Posts: 7264
Joined: 17 Feb 2008
Location: Netherlands

Return to PC Software News

Who is online

Users browsing this forum: No registered users and 4 guests

cron