CCleaner Compromised to Distribute Malware for Almost a Month



Jewboo
18th September 2017, 11:36 AM
CCleaner Compromised to Distribute Malware for Almost a Month

Version 5.33 of the CCleaner app offered for download between August 15 and September 12 was modified to include the Floxif malware, according to a report published by Cisco Talos a few minutes ago.


Floxif is a malware downloader that gathers information about infected systems and sends it back to its C&C server. The malware also had the ability to download and run other binaries, but at the time of writing, there is no evidence that Floxif downloaded additional second-stage payloads on infected hosts.


The malware collected information such as computer name, a list of installed software, a list of running processes, MAC addresses for the first three network interfaces, and unique IDs to identify each computer in part. Researchers noted that the malware only ran on 32-bit systems. The malware also quit execution if the user was not using an administrator account.

https://www.bleepingcomputer.com/news/security/ccleaner-compromised-to-distribute-malware-for-almost-a-month/

https://www.tomsguide.com/us/ccleaner-utility-malware-infected,news-25851.html

:o

PatColo
18th September 2017, 11:59 AM
Ironic I just ran CCleaner before relaunching FF & logging into GSUS; then to see your thread; :o


"Researchers noted that the malware only ran on 32-bit systems."

so a 64 bit win-10 box is clear? My CCleaner reads v5.34.6207 (64 bit)