HackerSecret.com - The Most Authoritative Site in the World on the Hacking Tools and Techniques, Penetration Testing and CyberSecurity

  • Home
  • Visit Our Shop
  • Download the free App
  • Contact us for Info
VISIT OUR SHOP! CLICK HERE !

Avast download site compromised to host a malicious CCleaner

by / Friday, 14 June 2019 / Published in Hacking
Share
Tweet
Pin
0 Shares

If you downloaded “CCleaner” software from antivirus company Avast between August 15 and September 12, you have a problem. Cisco’s Talos threat research group discovered that company’s software download page was compromised to host a malicious version of CCleaner that contains malware.

Computers that downloaded and ran that software became part of a botnet, a network of computers under the control of whomever is behind that malware.

Those that follow my advice to use the free OpenDNS service for their home networks are partially protected – your computer would still download and install the malware, but would be prevented from accessing the command and control servers the criminals use to deliver instructions to your computer.

If you use CCleaner, check your antivirus software to be sure it is completely up-to-date, and run a full system scan. Now that the malware is known, most commercial antivirus programs will begin to detect it (with varying degrees of success).

I have long recommended automatically updating software with the latest available patches and updates, as a core tenet of basic security for individuals and small businesses. After a Ukranian software company was hacked to deliver malware to taxpayers in that country, I wrote up an analysis of why I still held that recommendation. 

I said then:

In over twenty years as a systems administrator and security professional – much of that time overseeing patching for a Fortune 100 company with a quarter million systems to update – I can count on one hand the number of catastrophic failures caused by patching, and still have fingers left over. Conversely, hardly a month goes by that I don’t see malware and criminals exploit vulnerabilities in Windows, browsers, office productivity software, mobile apps, building automation systems, industrial control systems, and other computing software.

It is becoming increasingly difficult to maintain that position… I suspect I am up to two hands now, but for the time being, I still find quickly updating is less risky than not patching.



Security for Real People

Share
Tweet
Pin
0 Shares
Tagged under: Avast, CCleaner, compromised, download, host, Malicious, Site

Search on the site

Our customers say

Annabel M. – Systems Engineer

 
Samuel D. – Ethical Hacker

 
Karola M. – Influencer

 
Marcus P. – Private Investigator

 
Rosemary S. – Housewife

 
Amit V. – IT Consultant

 
Matthew C. – Entrepreneur

 
Aisha B. – Computer Science student

 
Li W. – IT Analyst

 
Robert C. – Programmer

 

Click here now to visit our Shop!

Click here now to visit our Shop!

Other 2300 users like you have already done it this year!

DOWNLOADED 1316 TIMES!

DOWNLOADED 1316 TIMES!

Download now Hacker Secret our free Android app.

CONTACT US NOW FOR IMMEDIATE SUPPORT!

Contact Us
Write your email address here
Write here how we can help you - we support you immediately for all your needs!

Latest posts

  • How to tell if someone is stealing your wifi

  • How to check saved passwords on Chrome

  • The Computer Security Day

  • What is digital forensics

  • How to install Metasploit in Termux?

## Are you looking for products for hacking, computer security and penetration testing? Do you need to clean up your smartphone, your PC or your site from viruses and malware? Do you need to track down someone or retrieve urgent information? Do you want to buy devices already configured to experiment all the hacking techniques quickly and easily? Do you have special needs in software or hardware? ##

Contact us now … another 2300 users like you have already done it this year!

Click here now!

 

All the techniques, products and services described or contained on this site are intendend for exclusive use of study and professional training and to test the security of own's computer network in accordance with the national legislations on access to computer and online systems. All the services provided on this site (penetration testing, social accounts hardening, Incident Response & CSIRT, MSSP, Cybersecurity Consultancy, etc.) can be provided only with prior written and documented authorization from the owners or their legitimate representatives in accordance with current national regulations .

TOP
New Order