CCleaner is a system cleanup tool by Piriform, which is now owned by Avast. Suspicious activity was identified on September 12th, 2017, when an unknown IP address was found receiving data from software in version 5.33.6162 of CCleaner. It was later found that version 5.33.6162 of CCleaner had been illegally modified before it was released to the public.

The malicious code sent encrypted information about the infected machine to a C&C server that the attackers had set up. Among other things, the C&C server received the name of the computer, a list of installed programs and running processes, and the MAC addresses of the network adapters.

On its own, this information is not especially sensitive. However, the infected file opened a backdoor, allowing the attackers to load additional malicious software, such as keyloggers.

Click here to understand how Saner can help organizations protect against “Malicious CCleaner v5.33” and similar threats.

Summary
Malicious Code Present in "Piriform - CCleaner v5.33" - CleanUp
Publisher Name
SecPod Technologies