Linked by Thom Holwerda on Tue 19th Sep 2017 09:58 UTC
Privacy, Security, Encryption

Talos recently observed a case where the download servers used by a software vendor to distribute a legitimate software package were leveraged to deliver malware to unsuspecting victims. For a period of time, the legitimate signed version of CCleaner 5.33 being distributed by Avast also contained a multi-stage malware payload that rode on top of the installation of CCleaner. CCleaner boasted over 2 billion total downloads by November of 2016 with a growth rate of 5 million additional users per week. Given the potential damage that could be caused by a network of infected computers even a tiny fraction of this size, we decided to move quickly. On September 13, 2017, Cisco Talos immediately notified Avast of our findings so that they could initiate appropriate response activities. The following sections will discuss the specific details regarding this attack.

Don't use registry cleaners. They serve no purpose.


Anyone who has to maintain Windows acknowledges that a system that has had many applications installed/uninstalled over time will have a bloated and unnecessarily complex registry. Boot times increase the longer this is retained. The impact can be drastically reduced by a registry clean-out. Boot times of 15-30 secs on a 2 GHz Core 2 Duo are achievable after tuning the system that includes a registry clean-out.

Reinstalling the OS is not always practical and so a registry cleaner is a useful tool. To say it is useless undermines your technical competence in this area. These days I feel that OS news is becoming phone and tablet news from Apple.

What happened to valid, real-life information useful to users and maintainers of real operating systems and not just GUI users?

Reply Score: 3