monkeymagick
[H]News
- Joined
- Jun 22, 2008
- Messages
- 480
Nextweb reports that CCleaner 5.33.6162 and CCleaner Cloud version 1.07.3191 were hacked. Between August 15 and September 12 about 2.27 million users downloaded the infected CCleaner version with 5,000 using CCleaner Cloud.
The vulnerability allowed a two-stage backdoor to be inserted when running the CCleaner.exe. The malware was also collecting other information including the name of the computer, list of installed software and running processes, and MAC adresses of the first three network adapters.
Anyone who has downloaded that version should update immediately.
“To the best of our knowledge, the second-stage payload never activated… It was prep for something bigger, but it was stopped before the attacker got the chance.”
The vulnerability allowed a two-stage backdoor to be inserted when running the CCleaner.exe. The malware was also collecting other information including the name of the computer, list of installed software and running processes, and MAC adresses of the first three network adapters.
Anyone who has downloaded that version should update immediately.
“To the best of our knowledge, the second-stage payload never activated… It was prep for something bigger, but it was stopped before the attacker got the chance.”