TromboneChat

Multiple responsible outlets are reporting this

CCleaner Hacked With Data-Stealing Malware Injection

QuoteCCleaner, a system-optimization tool with more than 2 billion downloads worldwide, is used by many Windows, Mac and Android users who want looking to keep their devices running as fast as possible. Unfortunately for them, it appears that hackers decided to sneak their own code into a recent build of CCleaner for Windows in an attempt to steal data and possibly infect users' systems with even more malicious applications.

QuoteThe attack took place by piggy-backing onto CCleaner by infiltrating the servers that distribute the software, infecting version 5.33 of the Windows utility and version 1.07 of its cloud-based sister application.
QuoteIf you've updated CCleaner since Aug. 15 and you're running 32-bit Windows, you may be infected. You should roll back to a pre-Aug. 15 snapshot of your system, or run a malware scan. Following either (or both) of those steps, visit Piriform's site to download and install the latest, clean version of CCleaner.
Fortunately, I'm on 64 bit Windows, but many people are not even if they have a 64 bit computer.

I always wondered how they can be sure the anti-malware software doesn't have malware. Now I know they can't.

I never trust anything of the sort. Period.

I haven't used that program in years.  I think it may be on a couple of my old Windows XP disks (none of which are in current use).  But I know I didn't download any versions for a few years.

Malware and Virus programs can be spotty at best.  I remember one time we got infected with a virus called "Junky".  Norton didn't find it, but McAfee did.  So I wound up scanning a few drives (including my company's servers) with McAfee and got rid of it before it spread too far.  We got the virus from a USB drive being used by one of our vendors.

Malwarebytes identifies Advanced Systemcare as a .pup virus. 

Owning a computer is starting to demand as much knowledge as it did in the 70s. 

Quote from: timothy42b on Sep 18, 2017, 09:20AMMalwarebytes identifies Advanced Systemcare as a .pup virus. 

Owning a computer is starting to demand as much knowledge as it did in the 70s. 

This just piqued my interest.  I've been using ASC for at least 5 years and never seemed to have problems from it.  What about it is bad?

Quote from: timothy42b on Sep 18, 2017, 09:20AMMalwarebytes identifies Advanced Systemcare as a .pup virus. 
 

I've noticed this too.   

"pup" just means "potentially unwanted program", not necessarily a virus.

Perhaps the fact that it also wants to install ASC software is what gets it that flag.

I've set Malwarebytes to ignore ASC.

I use several members of the IOBit suite and I will confess every time it upgrades it opens an awful lot of pages in my browser.  Get a few of them coming up at once and you have a load of extra pages to clean up.

I even paid for the "professional" version for a year.  Didn't see it doing much more, so I let it lapse.

CCleaner only ever made anything I put it on run much worse, whether it was a phone, desktop, laptop, etc. Half of these programs are malware themselves, even if they do what they claim to. You can't get a virus anymore sure, but it's only because you can't even use your system with all the I/O lock up from your "protection". I wonder if it was really hackers, or if someone just found out how they were mining user data, and they need a cover up story.

You can't be sure that they aren't malware themselves. And you get what you pay for with software. They wouldn't have bothered making the program if it was truly free. It's not a simple undertaking.

McAfee and Norton are the two I still trust, and Norton has let a few things slip through that McAfee thought were problems, though I haven't had any noticeable problems with malware in the whole family since XP days. Don't go to weird sites and download free things that are supposed to cost money, and don't enable flash or Java by default.

Granted, these are just home systems. Anything with other people's information on them should be handled by well trained professional IT. I'd be running at least a private VPN with security and anti-malware at the router level if I was doing work from home.

CCleaner only ever made anything I put it on run much worse, whether it was a phone, desktop, laptop, etc. Half of these programs are malware themselves, even if they do what they claim to. You can't get a virus anymore sure, but it's only because you can't even use your system with all the I/O lock up from your "protection". I wonder if it was really hackers, or if someone just found out how they were mining user data, and they need a cover up story.

You can't be sure that they aren't malware themselves. And you get what you pay for with software. They wouldn't have bothered making the program if it was truly free. It's not a simple undertaking.

McAfee and Norton are the two I still trust, and Norton has let a few things slip through that McAfee thought were problems, though I haven't had any noticeable problems with malware in the whole family since XP days. Don't go to weird sites and download free things that are supposed to cost money, and don't enable flash or Java by default.

Granted, these are just home systems. Anything with other people's information on them should be handled by well trained professional IT. I'd be running at least a private VPN with security and anti-malware at the router level if I was doing work from home.