The popular CCleaner program was hacked for almost a month, with the compromised version including malware that could download and install other programs.
Version 5.33 of the CCleaner app offered for download between August 15 and September 12 was modified to include the Floxif malware, according to a report published by Cisco Talos a few minutes ago.
Floxif is a malware downloader that gathers information about infected systems and sends it back to its C&C server. The malware also had the ability to download and run other binaries, but at the time of writing, there is no evidence that Floxif downloaded additional second-stage payloads on infected hosts.
The malware collected information such as computer name, a list of installed software, a list of running processes, MAC addresses for the first three network interfaces, and unique IDs to identify each computer in part. Researchers noted that the malware only ran on 32-bit systems. The malware also quit execution if the user was not using an administrator account.
Clean versions have now be released; if you installed a new version in August or September, you should probably download and install a newer version.
Also submitted via IRC for SoyCow1937
Source: http://www.securityweek.com/millions-download-maliciously-modified-pc-utility [securityweek.com]
(Score: 0) by Anonymous Coward on Tuesday September 19 2017, @10:46AM
This is not a troll, this person speaks the truth. The crapware category should be extended to all of piriforms offerings in general too.