Linked by Thom Holwerda on Tue 19th Sep 2017 09:58 UTC
Privacy, Security, Encryption

Talos recently observed a case where the download servers used by a software vendor to distribute a legitimate software package were leveraged to deliver malware to unsuspecting victims. For a period of time, the legitimate signed version of CCleaner 5.33 being distributed by Avast also contained a multi-stage malware payload that rode on top of the installation of CCleaner. CCleaner boasted over 2 billion total downloads by November of 2016 with a growth rate of 5 million additional users per week. Given the potential damage that could be caused by a network of infected computers even a tiny fraction of this size, we decided to move quickly. On September 13, 2017 Cisco Talos immediately notified Avast of our findings so that they could initiate appropriate response activities. The following sections will discuss the specific details regarding this attack.

Don't use registry cleaners. They serve no purpose.

rcaudill

I completely disagree with this statement. I have been in this business for a long time and where I see the value of registry cleaners is if something isn't working as expected. An actual story that happened to me was that I had Office 2013 that would not work. It kept going through a loop where when Excel opened it would complain about missing setup files. It would then ask for a recovery "disk" (yes I said disk). I tried all recommended patches and fixes from MS and nothing worked. I then turned to CCleaner as I had a lot of bloat on my system anyways and sure enough the problem was gone after one CCleaner run. Now I think it is a small percentage of problems that would run into this but I do believe it has its place.

Reply Score: 7