Mad Monkey Home TumblreMailTwitterRSS FeedGoogle+Mad Monkey Home
   
 
QUICK LINKS
 
HOME
 
TECH NEWS  -  SITE NEWS

MONKEY STORE

ALL SOFTWARE
GAMES  -  SCREENSAVERS

FONTS

SUPPORT PAGES
CONTACT US

DONATE
 
  Quick Links
TAG CLOUD

 
RECOMMENDED

Make Poverty History

 
Euro Downloads

 

CCleaner 5.33 breach from it's own company!!

CCleaner 5.33 breach from it's own company!!

Sun, 24 Sep 2017 16:09:35 GMT  

During August, CCleaner v5.33 (Cloud v1.07) was made available to the public containing malicious code, which sent sensitive information to a server based in the USA (216.126.X.X). This server was eventually shut down alongside US law enforcement by the 15th September, a month later. This official announcement was made on the 18th September 2017, which stated "The compromise could cause the transmission of non-sensitive data (computer name, IP address, list of installed software, list of active software, list of network adapters)". More technical information regarding this breach and was released by Paul Yang, available at: http://www.piriform.com/news/blog/2017/9/18/security-notification-for-ccleaner-v5336162-and-ccleaner-cloud-v1073191-for-32-bit-windows-users

As we have just learned, the information sent to this server over that period of time will likely have included more sensitive information, and would recommend changing passwords if you have ever used this this version of CCleaner on your devices. For more intelligent authentication systems, such as Google may already be aware of unusual activity on their accounts, and may see:

The IP address stated here, 5.62.63.219 resolves to r-219-63-62-5.ff.avast.com. Either somebody is going through great pains to implicate Avast, or the malicious code was added by Avast own team. Is it not coincidental that Avast also acquired CCleaner just a month before?

I'll leave you decide. However, in addition to changing passwords, you probably safer to keep CCleaner removed from your systems until Avast/Piriform have actually resolved this problem, as the last official word from them is "we dont want to speculate how the unauthorized code appeared in the CCleaner software, where the attack originated from, how long it was being prepared and who stood behind it. The investigation is still ongoing.". Therefore, although the original malicious code was fixed, the same thing could easily happen again.


 

Source: Nathan Owen

   

COPYRIGHT MAD-MONKEY 2005 -