Troublingly, the malware was digitally signed with an appropriate digital certificate Talos wrote, "the presence of a valid digital signature on the malicious CCleaner binary may be indicative of a larger issue that resulted in portions of the development or signing process being compromised.
From August 15 to September 12, the 5.33 version of CCleaner was infected by a malware payload. CCleaner is a popular utility, with an average of five million downloads per week (over two billion downloads cumulatively). Talos Intelligence has published (Opens in a new window) a blog post detailing its research and findings, and they aren't great. CCleaner Cloud users should have gotten an update already, but if you use CCleaner and don't have automatic updates enabled, it would be a good idea to check the situation now. The infected payload affects two CCleaner products - CCleaner v and CCleaner Cloud v. Worse, the company distributed infected versions of its products for nearly a month before realizing the problem.
CCleaner, the temporary file cleaner and registry optimizer of generally dubious utility in this day and age, has been flagged as containing malware.
0 kommentar(er)
