

The researchers think it is likely that "an external attacker compromised a portion" of Piriform's development or build environment and used that access to insert the malware into the CCleaner build. The Talos researchers concluded that the malicious payload was distributed between the release of version 5.33 on August 15th, 2017 and the release of version 5.34 on September 12th, 2017. The installer contained a "malicious payload that featured a Domain Generation Algorithm" as well as "hardcoded Command and Control" functionality. The downloaded executable was signed with a valid Piriform signature. Talos Group "identified a specific executable" during tests of the company's new exploit detection tool; it came from the CCleaner 5.33 installer, which in turn was delivered by legitimate CCleaner download servers. Talos Group informed Avast, the parent company of Piriform, about the situation. Security researchers of Cisco's Talos Group revealed details about the successful supply chain attack. CCleaner Cloud was released on August 24th, 2017, and a non-compromised version of the program on September 15th, 2017.

