Author Topic: CCleaner - Piriform - compromised  (Read 4979 times)

0 Members and 1 Guest are viewing this topic.

Offline MikeW

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 568
    • View Profile
Win 7 Home Premium  IE11 MSE  Mbam Pro

Offline winchester73

  • Half a bubble off plumb
  • Administrator
  • Hero Member
  • *****
  • Posts: 7436
  • Liverpool FC - YNWA
    • View Profile
Re: CCleaner - Piriform - compromised
« Reply #1 on: September 18, 2017, 11:47:02 AM »
Speak softly, but carry a big Winchester ... Winchester Arms Collectors Association member

Offline Pete!

  • Hero Member
  • *****
  • Posts: 5280
    • View Profile
Re: CCleaner - Piriform - compromised
« Reply #2 on: September 18, 2017, 01:12:44 PM »
ESET usually has a "PUP" problem with the installation file, it keeps me from recommending it to newbies, but I thought I could deal with it....

I just opened it to check the version number. While I was finding out I have one of the compromised versions, ESET removed something from memory related to Ccleaner.

Closed and opened it again, with the same results...

Uninstalled ... For now, I'll do without it.


Offline hayc59

  • Voodoo Child
  • Hero Member
  • *****
  • Posts: 1459
  • Gentleman
    • View Profile
Re: CCleaner - Piriform - compromised
« Reply #3 on: September 18, 2017, 01:57:32 PM »
So let me get this straight...the download link at the bottom of the page
is the same version as the one the put out on the 12th correct?
here is the link:
Direct download :)
https://www.piriform.com/ccleaner/download/standard

9.11.01
"The most beautiful flower loses her beauty one day, but a hard faithful friend an eternity"
"Beauty that is not hidden to deepest of my soul can be seen that with eyes of the heart"

'Never Forget'


Offline Digerati

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 1294
    • View Profile
Re: CCleaner - Piriform - compromised
« Reply #4 on: September 18, 2017, 03:01:42 PM »
Quote
So let me get this straight...the download link at the bottom of the page
No. The new and clean version available is V534.

It should also note this compromise only affected the 32-bit version of CCleaner.

What I find disturbing is just a month after Piriform was acquired by Avast (and new people gained access to the code), this compromise occurred.  Makes me wonder.
Bill (AFE7Ret)
Freedom is NOT Free!
2007 - 2018

Offline Metallica

  • Malware Experts
  • Full Member
  • *****
  • Posts: 104
    • View Profile
    • Metallica's blog
Re: CCleaner - Piriform - compromised
« Reply #5 on: September 18, 2017, 05:23:01 PM »
In a press statement the company estimates that 2.27 million people used the affected software.  :-X

Online Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 20869
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Re: CCleaner - Piriform - compromised
« Reply #6 on: September 18, 2017, 08:37:37 PM »
 From the updated BC article:
Quote
Article updated with link to Piriform blog post. Updated article for a second time with response from Avast CTO. An earlier version of this article referenced a tweet suggesting that other parts of the Avast network might be compromised. Avast investigated the issue and discovered that someone used its VPN service to send ransomware-laced spam.

Follow-up article on removal: CCleaner Malware Incident - What You Need to Know and How to Remove


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline winchester73

  • Half a bubble off plumb
  • Administrator
  • Hero Member
  • *****
  • Posts: 7436
  • Liverpool FC - YNWA
    • View Profile
Re: CCleaner - Piriform - compromised
« Reply #7 on: September 19, 2017, 12:11:52 PM »

It should also note this compromise only affected the 32-bit version of CCleaner.


I can confirm none of my 64-bit boxes were affected.

Wonder if they will rush out the slim build for those of us who use it?
Speak softly, but carry a big Winchester ... Winchester Arms Collectors Association member

Offline satrow

  • LzD Friends
  • Full Member
  • *****
  • Posts: 246
    • View Profile
Re: CCleaner - Piriform - compromised
« Reply #8 on: September 19, 2017, 12:20:53 PM »
Wonder if they will rush out the slim build for those of us who use it?

I drag the x64 Ccleaner exe from the Portable (zip) version into my Ccleaner Program Files folder to overwrite the old version, saves waiting for the Slim build to be released.

Online Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 20869
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Re: CCleaner - Piriform - compromised
« Reply #9 on: September 19, 2017, 12:23:15 PM »
For those interested, here's the report from Avast:  Update to the CCleaner 5.33.6162 Security Incident.


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline Digerati

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 1294
    • View Profile
Re: CCleaner - Piriform - compromised
« Reply #10 on: September 19, 2017, 01:36:57 PM »
That was a great, informative, and very timely article from Avast - especially in light of the disastrous Equifax hacks (hacks, as in more than one :() that we still don't know the full details.
Bill (AFE7Ret)
Freedom is NOT Free!
2007 - 2018

Offline Paddy

  • LandzDown Team
  • Hero Member
  • *****
  • Posts: 1602
    • View Profile
Re: CCleaner - Piriform - compromised
« Reply #11 on: September 22, 2017, 11:06:51 AM »
This is one race of people for whom psychoanalysis is of no use whatsoever - Sigmund Freud (about the Irish)

Never argue with a fool, they will lower you to their level and then beat you with experience.