Linked by Thom Holwerda on Tue 19th Sep 2017 09:58 UTC
Privacy, Security, Encryption

Talos recently observed a case where the download servers used by software vendor to distribute a legitimate software package were leveraged to deliver malware to unsuspecting victims. For a period of time, the legitimate signed version of CCleaner 5.33 being distributed by Avast also contained a multi-stage malware payload that rode on top of the installation of CCleaner. CCleaner boasted over 2 billion total downloads by November of 2016 with a growth rate of 5 million additional users per week. Given the potential damage that could be caused by a network of infected computers even a tiny fraction of this size we decided to move quickly. On September 13, 2017 Cisco Talos immediately notified Avast of our findings so that they could initiate appropriate response activities. The following sections will discuss the specific details regarding this attack.

Don't use registry cleaners. They serve no purpose.

Permalink for comment 648999
To read all comments associated with this story, please click here.
CCleaner is great
by evert on Tue 19th Sep 2017 14:08 UTC
evert
Member since:
2005-07-06

CCleaner has often served me in the past. Whether or not Windows is broken because such tools are needed (and yes that is a shame) is irrelevant for the statement "CCleaner is a great tool".

CCleaner is not just a registry cleanup tool. It also helps cleaning the computer from temporary files, programs, cached stuff and so on. I like the all-in-one interface for such tasks.

Further, I agree with others (above) that registry cleanup can be very useful. E.g. broken file associations and broken explorer.exe extensions can be fixed.

That it got infected with malware is very, very disappointing because the mother company is Avast. I hope they do follow up on this.

I use Linux a lot, on the server, and increasingly on the desktop as well. Still Windows and many applications (games, Outlook) have their use.

Reply Score: 6