…Įven though the downloaded installation executable was signed using a valid digital signature issued to Piriform, CCleaner was not the only application that came with the download. For a period of time, the legitimate signed version of CCleaner 5.33 being distributed by Avast also contained a multi-stage malware payload that rode on top of the installation of CCleaner. Talos recently observed a case where the download servers used by software vendor to distribute a legitimate software package were leveraged to deliver malware to unsuspecting victims. (Piriform was bought by antivirus giant Avast in July.)Įdmund Brumaghin, Ross Gibb, Warren Mercer, Matthew Molyett, and Craig Williams at Talos report: I just checked, and the current version available from Piriform is version 5.34. 11.Īfter notifying Piriform, CCleaner was, ahem, cleaned up and version 5.34 appeared on Sept. 15 and which, according to Talos, was still the primary download on the official CCleaner page on Sept. Talos Intelligence, a division of Cisco, just published a damning account of malware that it found hiding in the installer for CCleaner 5.33, the version that was released on Aug. 15, a couple of nasty programs came along for the ride. If you installed the free version of CCleaner after Aug.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |