Malicious Code Present in “Piriform – CCleaner v5.33” – CleanUp

CCleaner is a system cleanup tool by Piriform, which is now owned by Avast. A suspicious activity was identified on September 12th, 2017, where an unknown IP address receiving data from software found in version 5.33.6162 of CCleaner. Later it was found that the 5.33.6162 version of CCleaner was illegally modified before it was released to the public.

The malicious code sent encrypted information about the infected machine to a C&C server that the hackers had set up. Among other things, the name of the computer, a list of installed programs and running processes, as well as the Mac addresses of the network adapters also received by the C&C.

This alone is not too sensitive information. However, the infected file opened a backdoor, allowing the attackers to load additional malicious software, such as keyloggers.

Click here to understand, how Saner can help organizations to protect against “Malicious CCleaner v5.33” and similar threat’s.

Subscribe For More Posts Like This

Get the latest research, best practices, industry trends and cybersecurity blogs from SecPod security experts

Invalid email address
We promise not to spam you. You can unsubscribe at any time.
0 0 votes
Article Rating
Notify of
Inline Feedbacks
View all comments