Ccleaner is one of the most widely used Windows maintenance programs out there, with over 2 billion downloads. In fact, it was a utility that even I used often before moving to OS X. Unfortunately, Talos researchers have discovered that the official Ccleaner installer had been booby-trapped with malware for over a month. In order to have planted this malware into an installer with a legitimate digital signature, the attacker had to get deep within Piriform’s supply chain. We don’t know yet whether this was a sophisticated breach or an insider attack, but it’s a big deal in either case. Watch the video below for more detail about this attack, and what to do if you use Ccleaner yourself.
Episode Runtime: 5:19
Direct YouTube Link: https://www.youtube.com/watch?v=ooo9_jXv5rs
EPISODE REFERENCES:
- Malware hides in Ccleaner update – Ars Technica
- Talos’ research post on the Ccleaner supply-chain hack – Talos Intelligence
- Avast/Piriform’s response to their Ccleaner installer hijack – Piriform
Corey Nachreiner, CISSP (@SecAdept)
Leave a Reply