OT: CCleaner 5.33 carried Trojan.Floxif malware....

[neonixie-l]

Yes, I know: It's off-topic, but IMHO sufficiently dangerous to warrant inclusion here...

If you have CCleaner installed, check that it’s not 5.33 – the current version is 5.34 – 5.33, even though it’s legitimately signed, carried a trojan backdoor (Trojan.Floxif). 5.34 is clean…

Updating to 5.34 clears this, though it leaves the malware on your system.

Running the free Malwarebytes edition with the latest updates will detect & remove this, though it requires a reboot.

http://www.piriform.com/news/blog/2017/9/18/security-notification-for-ccleaner-v5336162-and-ccleaner-cloud-v1073191-for-32-bit-windows-users

http://www.theregister.co.uk/2017/09/18/tainted_ccleaner_downloads/

https://www.bleepingcomputer.com/news/security/ccleaner-compromised-to-distribute-malware-for-almost-a-month/

I’d run MWB anyway – this sort of injection into a legitimate update is not the first and won’t be the last – it weakens the trust between customers and suppliers.

Note that it seems to only activate on 32-bit systems and we’re mostly 64-bit, but it still leaves the trojan on your host.

Nick