
According to reports, these alternative servers are not under the attackers' control.
When the compromised installer is run, the bundled backdoor code is launched as well and collects information from the system, including MAC addresses of the first 3 network adapters. The harvested information is encrypted and sent to an external IP address. The backdoor also reportedly has the capability to download an additional payload from this server. At the time of writing, there have been no reports of any secondary payload being observed.

If the first server contacted is unreachable, the backdoor also includes a Domain Name Generator (DGA) that it can use to redirect to another command and control (C&C) server.

The CCleaner component of CCleaner Cloud is similar to the desktop version, allowing you to perform scans on Windows and other kinds of applications in order to remove junk data to free up space.


The installers were signed with a valid digital signature from Piriform, the company that created the software. According to reports, they had been available since early August 2017. News reports have noted that the unauthorized insertion must have taken place before the signing, during the software development or distribution process, a type of attack also known as a 'supply chain compromise'.

Talos Intelligence: CCleanup: A Vast Number of Machines at Risk.
Piriform: Security Notification for CCleaner v and CCleaner Cloud v for 32-bit Windows users.

On Monday, Sept 18, 2017, security researchers reported that some versions of the installer for the popular free computer utility program CCleaner had been altered to include a backdoor, which was silently run when the installer was launched. The specific versions were identified as CCleaner version and CCleaner Cloud version. The affected installers were available for download from the legitimate CCleaner download servers.

Advanced SystemCare is a powerful CCleaner alternative and packs some extensive features to help boost your PC’s performance.
