CCleaner, a popular maintenance and file clean-up software, was found to have been compromised with a backdoor application. Piriform, the developers of CCleaner, announced on September 18 that CCleaner version 5.33.6162 and CCleaner Cloud v1.07.3191 for 32-bit Window users were the infected versions. Through an investigative process, it was noticed that the software was illegally modified before it was released to the public and made available. The modification was made in the binary of the .exe file that allowed for a two-stage backdoor from a remote IP address on the affected systems. Besides the backdoor applications, it was also collecting information on the name of the computer, list of installed softwares and windows updates, running processes, MAC addresses, and information if the processes were running with administrator privileges. Currently, CCleaner Cloud has been automatically updated and that CCleaner should be manually updated as soon as possible.<\/p>\n
https:\/\/www.forbes.com\/sites\/thomasbrewster\/2017\/09\/18\/ccleaner-cybersecurity-app-infected-with-backdoor\/#51b0f0a1316a<\/p>\n
http:\/\/thehackernews.com\/2017\/09\/ccleaner-hacked-malware.html<\/p>\n
http:\/\/www.piriform.com\/news\/blog\/2017\/9\/18\/security-notification-for-ccleaner-v5336162-and-ccleaner-cloud-v1073191-for-32-bit-windows-users<\/p>\n","protected":false},"excerpt":{"rendered":"
CCleaner, a popular maintenance and file clean-up software, was found to have been compromised with a backdoor application. Piriform, the developers of CCleaner, announced on September 18 that CCleaner version 5.33.6162 and CCleaner Cloud v1.07.3191 for 32-bit Window users were the infected versions. Through an investigative process, it was noticed that the software was illegally […]<\/p>\n","protected":false},"author":17287,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[715219],"tags":[],"class_list":{"0":"post-4567","1":"post","2":"type-post","3":"status-publish","4":"format-standard","6":"category-week-03-it-administrative-controls","7":"entry"},"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall17\/wp-json\/wp\/v2\/posts\/4567","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall17\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall17\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall17\/wp-json\/wp\/v2\/users\/17287"}],"replies":[{"embeddable":true,"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall17\/wp-json\/wp\/v2\/comments?post=4567"}],"version-history":[{"count":3,"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall17\/wp-json\/wp\/v2\/posts\/4567\/revisions"}],"predecessor-version":[{"id":4570,"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall17\/wp-json\/wp\/v2\/posts\/4567\/revisions\/4570"}],"wp:attachment":[{"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall17\/wp-json\/wp\/v2\/media?parent=4567"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall17\/wp-json\/wp\/v2\/categories?post=4567"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall17\/wp-json\/wp\/v2\/tags?post=4567"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}