G+_Travis Hershberger Posted September 18, 2017 Share Posted September 18, 2017 Well, there goes a major computer security tool. CCleaner now malware, uck. https://mangolassi.it/topic/15128/hackers-hid-backdoor-in-ccleaner-security-app/7 https://mangolassi.it/topic/15128/hackers-hid-backdoor-in-ccleaner-security-app/7 Link to comment Share on other sites More sharing options...
G+_Rud Dog Posted September 18, 2017 Share Posted September 18, 2017 And to think I supported them by buying CCleaner. Link to comment Share on other sites More sharing options...
G+_Travis Hershberger Posted September 18, 2017 Author Share Posted September 18, 2017 Well, this sort of thing is an inevitable event anymore. The question is how the aftermath is handled, which looks quite poor right now. Add onto it being closed source software and no checksum available (WHY?!), and bad things are going to happen. Link to comment Share on other sites More sharing options...
G+_Rud Dog Posted September 18, 2017 Share Posted September 18, 2017 Just came in from doing some outside sun gathering, have they posted what to do? As in uninstall? Link to comment Share on other sites More sharing options...
G+_Jason Brown Posted September 18, 2017 Share Posted September 18, 2017 I love how they tell us to not panic. In that case I will uninstall their software in a calm and orderly fashion, making note of all emergency exits on my way. Link to comment Share on other sites More sharing options...
G+_Travis Hershberger Posted September 18, 2017 Author Share Posted September 18, 2017 Rud Dog Obviously uninstall, I'm not sure that will get rid of the backdoor that got installed along with it tho :/ Link to comment Share on other sites More sharing options...
G+_Rud Dog Posted September 18, 2017 Share Posted September 18, 2017 BTW does this go for Malwarebytes as well? Link to comment Share on other sites More sharing options...
G+_Travis Hershberger Posted September 18, 2017 Author Share Posted September 18, 2017 Malwarebytes is it's own entity, they aren't owned by another company are they? Tho they also really need a checksum on their downloads, I haven't heard of them pulling anything shady like ccCleaner/Avast has. Spiceworks is also looking horrible through this whole situation. If you want to get out the popcorn, you can follow everything at: mangolassi.it - Hackers Hid Backdoor In CCleaner Security App Link to comment Share on other sites More sharing options...
G+_Sergio Caballero Posted September 19, 2017 Share Posted September 19, 2017 Could you comment further or point some articles in regards to spiceworks? Didn't know they got their hands dirty as well Link to comment Share on other sites More sharing options...
G+_Travis Hershberger Posted September 19, 2017 Author Share Posted September 19, 2017 Sergio Caballero They're purposely deleting posts critical of a paying add sponsor. Not the first time this has happened either. I forget all the current details, but they're in that mangolassi.it - Recent Topics thread I linked to. Link to comment Share on other sites More sharing options...
G+_Juscelino Acevedo Posted September 19, 2017 Share Posted September 19, 2017 KCleaner [http://www.kcsoftwares.com/?kcleaner] is a great alternative. kcsoftwares.com - KC Softwares Link to comment Share on other sites More sharing options...
G+_Rud Dog Posted September 19, 2017 Share Posted September 19, 2017 Have to wonder why malwarebytes didn't detect this software as a bad guy. Link to comment Share on other sites More sharing options...
G+_Travis Hershberger Posted September 19, 2017 Author Share Posted September 19, 2017 Rud Dog it's probably been whitelisted. Otherwise it's actions would look exactly like malware ? Link to comment Share on other sites More sharing options...
G+_Rud Dog Posted September 19, 2017 Share Posted September 19, 2017 us-cert.gov - Avast’s Piriform Releases Security Update for CCleaner Link to comment Share on other sites More sharing options...
G+_Travis Hershberger Posted September 20, 2017 Author Share Posted September 20, 2017 Rud Dog That's nice, but do they have any checksums available yet? Having a publicly available checksum is really a requirement after this flub on their part. Link to comment Share on other sites More sharing options...
Recommended Posts