Group of researchers from Cisco Talos recently reported that CCleaner App v5.33 which was available for download between August and September came with the Floxif malware.
The Floxif malware collects information such as computer name, installed softwares, etc and send it back to the hacker’s server. This also has the capability to download and run other programs like key loggers . Millions of systems are suspected to be compromised.
Researchers identified the app was making calls to suspicious domains. Normally, this would happen when the app is download from an untrusted source. However, in the case of CCleaner, the installer was obtained from the official site and was signed by a valid digital certificate. This makes the situation even worse because, the development or signing process of the company seems to be compromised.
Don’t panic, just update your CCleaner version to v5.34. This should fix the issue. Only Windows/Cloud offering of CCleaner seems to be affected. If you are on macOS, you should be just fine.
Follow Hackernoon and me (Febin John James) for more stories. I am also writing a book to raise awareness on the Blue Whale Challenge, which has claimed lives of many teenagers in several countries. It is intended to help parents understand the threat of the dark web and to take actions to ensure safety of their children. The book Fight The Blue Whale is available for pre-order on Amazon. The title will be released on 20th of this month.