Author Topic: CCleaner Malware Problem  (Read 2774 times)

ninthace

  • Veteran Member
  • *****
  • Posts: 11824
CCleaner Malware Problem
« on: 11:10:59, 20/09/17 »
I have posted this in the Gear section as anyone using this forum will be using some form of IT.

If you are using an application known as CCleaner (CacheCleaner ) to clean up your machine you need to be aware that the application has been hacked and malware was included with one of the updates. I became aware of this problem last night when my protection system (Kaspersky Total Security) and Malwarebytes suddenly lit up last night during a routine scan.


The link is here https://www.piriform.com/news/blog/2017/9/18/security-notification-for-ccleaner-v5336162-and-ccleaner-cloud-v1073191-for-32-bit-windows-users
More information can be found from various sources if you Google "CCleaner hacked".  It says it only affects 32 bit systems but I am running a 64 bit system and I found it.


Basically, if you have the app you needed to update to version 5.34 and run your anti-malware software to remove the offending files. This is an example of a supply chain hack whereby software from a trusted source has malware added at some point in the delivery chain.
Solvitur Ambulando

barewirewalker

  • Veteran Member
  • *****
  • Posts: 4226
Re: CCleaner Malware Problem
« Reply #1 on: 11:59:04, 20/09/17 »
Thanks, Ninthace, I have CC cleaner though I have not run it for a while. I will be sure to to get the update before I run it again. Trouble is with CC Cleaner is it's pop up to continually update and I think this takes you to one of the dreaded hosting sites rather than piriform. Good to know there is a genuine update.
BWW
Their Land is in Our Country.

Rather be walking

  • Sr. Member
  • ****
  • Posts: 482
Re: CCleaner Malware Problem
« Reply #2 on: 12:06:07, 20/09/17 »
Thanks ninthace
““The hardest part was coming to terms with the constant dispiriting discovery that there is always more hill.”
― Bill Bryson, A Walk in the Woods

jimbob

  • Veteran Member
  • *****
  • Posts: 2503
Re: CCleaner Malware Problem
« Reply #3 on: 12:15:53, 20/09/17 »
More thanks, Ninthace.
Too little, too late, too bad......

gunwharfman

  • Veteran Member
  • *****
  • Posts: 10255
Re: CCleaner Malware Problem
« Reply #4 on: 15:16:45, 20/09/17 »
We do get so many reports about stuff like this. Are the stories true, are they as dangerous to us as suggested, or is it all a con just designed to keep us in a heightened state of anxiety?

I have no idea!


jimbob

  • Veteran Member
  • *****
  • Posts: 2503
Re: CCleaner Malware Problem
« Reply #5 on: 16:42:20, 20/09/17 »
Gwm well you were about when the NHS and a many others were hacked weren't you?

The problem is many private pcs have been hijacked as well. So caution is not only required but is requested by the in the know, frequently.

Ladbroke may be z better place to gamble than your PC.
😁
Too little, too late, too bad......

ninthace

  • Veteran Member
  • *****
  • Posts: 11824
Re: CCleaner Malware Problem
« Reply #6 on: 16:46:46, 20/09/17 »
We do get so many reports about stuff like this. Are the stories true, are they as dangerous to us as suggested, or is it all a con just designed to keep us in a heightened state of anxiety?

I have no idea!
The story is true. Malware is a real threat. Do you need to be anxious? Depends how much you rely on your IT and what you use it for and how well you protect it.
You wouldn't give a complete stranger your wallet with your credit cards and personal details in it but if you do not safeguard your IT and personal information on the net properly that is what you could be doing and they can do it from anywhere in the world.
The recent Equifax hack in the US is a case in point. Not only have 143 million US citizens had their personal details stolen but so have 44 million UK citizens who did not even know their data was being kept by Equifax in the USA. I suspect I may be one of those involved as I am a BT customer. See
http://www.telegraph.co.uk/technology/2017/09/08/equifax-hack-britons-data-watchdog-investigates-ukimpact-major/
Nothing You can do about it but be alert. So much data has been stolen you can think of it as a sort of inverse lottery, if your number comes up, someone steals your identity,
Solvitur Ambulando

Jac

  • Veteran Member
  • *****
  • Posts: 3553
Re: CCleaner Malware Problem
« Reply #7 on: 09:21:25, 21/09/17 »
Oh [censored]*** :( I have CC cleaner but usually rely on my 'tame' IT guy to sort things out which, naturally, he charges for.
There are such frequent pop ups from CCC,  and I really don't really understand all this, I ignore them.
If I de-install CCC then run Malwarebytes would that sort it?
So many paths yet to walk, so little time left

kinkyboots

  • Veteran Member
  • *****
  • Posts: 1536
Re: CCleaner Malware Problem
« Reply #8 on: 09:52:47, 21/09/17 »
@ Jac

If you have a 64bit system you don't need to worry as this problem only affected the 32bit version.

You don't need to uninstall CCleaner just download the new version from here http://www.piriform.com/ccleaner/builds  and install it straight over the top of the old version.

Finally check your system with your antivirus and run a malwarebytes scan for the boots and braces approach.

ninthace

  • Veteran Member
  • *****
  • Posts: 11824
Re: CCleaner Malware Problem
« Reply #9 on: 09:59:21, 21/09/17 »
Oh [censored]*** :( I have CC cleaner but usually rely on my 'tame' IT guy to sort things out which, naturally, he charges for.
There are such frequent pop ups from CCC,  and I really don't really understand all this, I ignore them.
If I de-install CCC then run Malwarebytes would that sort it?
Should do.  Then reinstall CCleaner. If you have the pro version. Make a note of the License code before you deinstall then you can reregister. It is not a good idea to ignore upgrade pop ups as it is good practice to keep software updated to include  any necessary security upgrades but in this case, for the affected update, it wasn't.


What Kinkyboots said should work too. You may get an alarm on the subsequent system scan but it will quarantine the offending file. I know they say only 32 bit systems involved but it came up on my 64 bit system. Don't know if it would execute though but not hanging around to find out.
« Last Edit: 10:09:01, 21/09/17 by ninthace »
Solvitur Ambulando

gunwharfman

  • Veteran Member
  • *****
  • Posts: 10255
Re: CCleaner Malware Problem
« Reply #10 on: 10:16:32, 21/09/17 »
Thanks, I do appreciate any advice to help me decide whats best. I find we live in an age where'expert' writes this, while other 'experts' write that! For example, I read all of the national newspapers on line each day. In the old days I read one newspaper and absorbed their view and what I heard on the radio. I now read numerous newspapers and one subject is treated so differently depending which paper I read. Brexit or Remain is a good example of this, as is Boris Johnson, Donald Trump and so on. Then of course there are 'experts' telling us what we should eat and drink. How many times have I read that red wine is bad for me and then to be told that in fact its good for me! How to pay for goods and services, one expert will say that a swipe card is safe, another 'expert' will say "Oh no its not"! Recently the advice seems to have changed again, now I'm reading and have heard on R4 that the only safe way to pay is to use a mobile phone, e.g. Google Pay.

So I then get to PC security, its the same sort of problem, but no one 'expert' seems to suggest with confidence, or at least to make ME confident, that one way is better than another way? One 'expert' that I read recently said, if we bank on line, we should never do it via our PCs, always transact via our mobile phones, or via a Linux programme. I have an old laptop with Ubuntu installed and I use this all the time when I am in Europe. No problems so far and I presume its because I have been lucky?

I have various security downloads which I hope makes my PC secure and so far they seem to have have worked? My PC is a 64bit machine (no idea what this means) and my Ccleaner was already 64bit as well, so that suggests to me, that after reading the 'experts' view, my machine hasn't been hacked into, its only the lower class 32 bit machines that may, or may not have a problem to worry about???

kinkyboots

  • Veteran Member
  • *****
  • Posts: 1536
Re: CCleaner Malware Problem
« Reply #11 on: 10:32:53, 21/09/17 »
A couple of threads regarding this issue which might be worth a flick through particularly the last few pages of each

https://www.tenforums.com/windows-10-news/93699-ccleaner-vast-number-machines-risk.html

https://www.tenforums.com/software-apps/3058-latest-ccleaner-version-released.html

For those not in the know Avast recently bought Piriform.


ninthace

  • Veteran Member
  • *****
  • Posts: 11824
Re: CCleaner Malware Problem
« Reply #12 on: 11:25:50, 21/09/17 »
CCleaner just upgraded again  to 5.35 incorporating new digital signature.

http://www.piriform.com/news/release-announcements/2017/9/20/ccleaner-v535
Suffice to say this time I gave it a good coat of looking at before opening it.


I liked CCleaner Pro when Piriform ran it. I know you can do most of what it does by other means but I like the convenience of it to keep my PC clean of "digital fluff".


Now they are part of Avast I may be more circumspect. Although some sites give Avast's free anti virus software a thumbs up, comments on some IT websites suggest they are not universally acclaimed in the IT community.
Solvitur Ambulando

gunwharfman

  • Veteran Member
  • *****
  • Posts: 10255
Re: CCleaner Malware Problem
« Reply #13 on: 11:29:43, 22/09/17 »
An add on to my previous entry about the claims and counter claims that we have to endure to buy stuff. This morning in the Guardian the headline from their experts is that 'the pound is steady' before Mrs May's speech, whilst the Telegraph's experts states that the 'pound is sliding' before Mrs May's speech!

fernman

  • Veteran Member
  • *****
  • Posts: 4529
Re: CCleaner Malware Problem
« Reply #14 on: 11:49:52, 22/09/17 »
I am extremely grateful to the OP for bringing this issue to my attention. Without it I would have been blissfully unaware. I've been away for 8 days, during which I've not touched a computer, nor read any news, and I'm only slowly getting back to normal, you know how it is. I observed there were a couple of updates to CCleaner but thought nothing of it as these are fairly frequent.

I've used MBAM in the past but not kept it because the scans never found anything. So I've just reinstalled it (I don't like the way the 'free' download now installs a 14 day trial of the premium version, I am assuming it will revert to the free version when this expires) and sure enough it has detected 2 trojans in Piriform on my 32-bit XP netbook, though nothing on my 64-bit 8.1 desktop pc.

Thanks again!


 

Terms of Use     Privacy Policy