CCleaner has been hacked.
Hacking CCleaner is more dangerous than it seemed.
This week CCleaner has blown all the alarms. A hacking of software dedicated to security has caused the spread of malware in one of its versions, distributed during almost a whole month between August and early September. It was initially said that it was due to a weakness in the digital form, and that this vulnerability is what allowed to hide malware in the official version hosted on its servers. More details are now available on this security issue, and it is even more serious than it appeared.
In more extensive analyzes that have already been carried out on this security problem, the developer company has found that there were target URL addresses of both VMware and Vodafone Spain, Intel, Sony, MSI, DLink, Samsung and Cisco-between others. We have also found the GeeSetup_x86.dll library and the Trojan TSMSISrv.dll and EFACli64.dll. The first library is used to check if the affected system is 32 or 64 bits, and the next two are Trojans for the different architectures. Depending on the detected system, one or another Trojan was installed directly.
The latest update solves the problem of CCleaner completely, and is now available
The security issue of CClenar 5.33, which is the affected version, has been distributed from the official servers themselves between August 15 and September 12 of this year. Users who maintain this version are still affected by the problem, and the key in the whole thing is to download the latest version of the program. However, Cisco continues to recommend restoring a system backup prior to installing this version of the program, or even formatting the computer to prevent any remaining malware installed through CCleaner.
The developer has released CCleaner 5.35 solving the problems of the digital signature that has allowed exploit this vulnerability, and now is perfectly safe. The only thing that changes now is that, beyond updating, has also been added the recommendation of formatting the computer or, at the very least, restore the system to any date before the installation of the version infected by malware.
https://www.adslzone.net/2017/09/21/hackeo-ccleaner-mas-peligroso/