SoylentNews is people
SoylentNews
The popular CCleaner program was hacked for almost a month, with the compromised version including malware that could download and install other programs.
Version 5.33 of the CCleaner app offered for download between August 15 and September 12 was modified to include the Floxif malware, according to a report published by Cisco Talos a few minutes ago.
Floxif is a malware downloader that gathers information about infected systems and sends it back to its C&C server. The malware also had the ability to download and run other binaries, but at the time of writing, there is no evidence that Floxif downloaded additional second-stage payloads on infected hosts.
The malware collected information such as computer name, a list of installed software, a list of running processes, MAC addresses for the first three network interfaces, and unique IDs to identify each computer in part. Researchers noted that the malware only ran on 32-bit systems. The malware also quit execution if the user was not using an administrator account.
Clean versions have now be released; if you installed a new version in August or September, you should probably download and install a newer version.
Also submitted via IRC for SoyCow1937
Source: http://www.securityweek.com/millions-download-maliciously-modified-pc-utility [securityweek.com]
(Score: 3, Insightful) by drussell on Tuesday September 19 2017, @12:21AM (6 children)
I've always treated that thing as a virus...
It is no match for proper manual intervention when I'm cleaning up a machine, though I realize most people have no idea what they're doing so it might be somewhat valuable in limited circumstances for the average schmoo...
...but anything like that is guaranteed to be a piece of crap, sooner or later.
Call NOW! #*!FIXMYPCDOODAD!*# only $29.95, just call 1-800-DOCTORB!! The B is for BARGAIN!!!
(Score: 2) by mhajicek on Tuesday September 19 2017, @12:39AM (3 children)
99.98% of people don't know enough to do it manually. An automated process is therefore necessary. Consider yourself lucky if everyone you share data with actually uses antivirus and anti-malware software.
The spacelike surfaces of time foliations can have a cusp at the surface of discontinuity. - P. Hajicek
(Score: 1, Disagree) by Anonymous Coward on Tuesday September 19 2017, @04:40AM (2 children)
Consider yourself lucky if everyone you share data with actually uses antivirus and anti-malware software
Wouldn't it be better if they didn't use an OS that requires that nonsense?
Wouldn't it be better if YOU didn't use an OS that requires that nonsense?
-- OriginalOwner_ [soylentnews.org]
(Score: 0) by Anonymous Coward on Tuesday September 19 2017, @10:44AM (1 child)
Every OS requires such nonsense when it becomes popular enough or the targets wealthy enough. There's a world of difference between targeted attacks against servers (where root access is desired and required) and attacks against desktop users, the stuff the bad guys want to do can be done without root, easily.
(Score: 0) by Anonymous Coward on Tuesday September 19 2017, @09:06PM
Not buying it for a second.
Blocking scripts/Java by default at the browser level is the only precaution I have continued to take since I started using Linux.
Never had a problem.
The "Which anti-whatever should I use" question comes up routinely at the Linux Mint forum.
Those threads will have a bunch of folks who note how long they've been using Linux, noting that they simply do their OS updates, and how they too have never had any security-related problems.
I used to read comp.os.linux.advocacy regularly.
Periodically, Homer would post an updated list of the most-downloaded apps for Windoze and for Linux.
The Windoze list was nearly completely "security" apps.
There wasn't even 1 of those on the Linux list; that always consisted entirely of productivity apps.
-- OriginalOwner_ [soylentnews.org]
(Score: 2) by Common Joe on Tuesday September 19 2017, @01:40AM (1 child)
Manually? Yuck. It would be nice to have a simple batch file or shell script that is kept up to date. That way, I could explicitly see what it was doing. I do the occasional clean up and I'd rather just run something than go through a hundred folders by hand or relying on a piece of bloated software. Anyone have any suggestions on that? Does such a thing exist? (Just a simple clean up script.)
(Score: 3, Informative) by RS3 on Tuesday September 19 2017, @05:04AM
Responding to many comments here: I use many cleaners, including ccleaner, but I _NEVER_ run them "out of the box"- I always go through and check, or uncheck things depending on what I want. And I always look at what is going to be deleted before I click "clean".
I use BleachBit, which you can fully configure, add custom files / folders, etc. Again, it lists files to be deleted before the deletion.
I also like JetClean; again, always going through all settings, check boxes, etc.
I used to use Glary, but something changed several years ago. I can't remember what, but I remember it was significant and deal-breaking.
I've tried many others over the years and I'm sure there are some great ones out there but I don't have time to experiment, nor am I willing to risk trashing a machine.