"Attackers have shown that they are willing to leverage this trust to distribute malware while remaining undetected. "This is a prime example of the extent that attackers are willing to go through in their attempt to distribute malware to organizations and individuals around the world," Cisco Talos warns. Once they are in, it's a case of loading the trusted software with a nefarious payload, with the end-user being none the wiser. The trend now, however, is to attack the download source directly and gain access to legitimate servers. In the past, attackers would create fake alternatives of popular applications and trick people into downloading them. The Petya ransomware was distributed via a similar method and hackers also modified the Mac Bittorrent app Transmission on official servers to compromise users' computers. The attack vector isn't a new one, but it's become a lot more prevalent in recent months. "By exploiting the trust relationship between software vendors and the users of their software, attackers can benefit from users' inherent trust in the files and web servers used to distribute updates," said Cisco Talos researchers, who discovered the threat, in a blog post. Users trust the brand, which makes it a prime target for attackers. Starting life as a "crap cleaner," CCleaner has earned a reputation for its ability to remove rogue programs and clear things like tracking cookies on Windows PCs. The company said it has already forced updates of the affected version and in its own words was "able to disarm the threat before it was able to do any harm." The impact is damaging, but considering that the application has amassed over 2 billion downloads and adds around 5 million new users each month, it could have been significantly worse. Piriform's CCleaner, owned by antivirus provider Avast, was found to be hosting a "multi-stage malware payload" that could install ransomware or keyloggers and further infect target computers on command.Īccording to Avast, around 2.27 million people ran the affected software, which was delivered via a hacked server. This is especially the case when that latest version of CCleaner has data collection options enabled by default (see the section below).A popular PC-cleaning software used by over 130 million people put users at risk after hackers were able to insert malware into legitimate downloads. It's a bit ironic to claim that going into a user's system without their permission and making changes is a move based on privacy and transparency. As Bleeping Computer spotted, Defender now detects CCleaner as a PUA, with the software giant stating that: Certain installers for free and 14-day trial versions of CCleaner come with bundled. "Since the release of v5.46 we have updated some users to this version to meet legal requirements and give users more autonomy and transparency over their privacy settings." As it turned out, that's exactly what happened.Ī Piriform staff member responded with the following: A user on Piriform's forums noticed that CCleaner had automatically updated on his system without his permission. The latest CCleaner controversy comes from ignoring user preferences about checking for updates. In our opinion, it isn't time to trust CCleaner. This is unfortunately not surprising after Avast purchased CCleaner developer Piriform in July 2017. Why Is CCleaner No Longer Safe?ĬCleaner, once a tidy app with no history of issues, has had several major problems in less than a year. Here's why you can't trust CCleaner anymore, and what to replace it with.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |