Re: [PLUG] o/t CCleaner

[ronpguilmet <ronpguilmet@gmail.com>]

Some years back, I had some calls for malware removal on Windows, and I would not guarantee the work because I'd go broke with return calls.

Sent from my T-Mobile 4G LTE Device

-------- Original message --------

From: Tim Allen <tim@peregrinesalon.com>

Date: 9/20/17 9:09 AM (GMT-05:00)

To: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>

Subject: Re: [PLUG] o/t CCleaner

On Mon, Sep 18, 2017 at 6:10 PM PaulNM <plug@paulscrap.com> wrote:

Apparently only the 32 bit version was affected, so at least there's
that. They've also managed to disable the external infrastructure the
attackers were using.

I'd be careful of this assumption. Since the attack vector was the development toolbox and build process, I haven't heard anything from Piriform about what they've done to remedy the actual vector rather than its after effects, or even the specifics of what it was. They talk at length in their response about numbers and disabling the malware on the server side, but still, nothing about how their build was infected:

https://blog.avast.com/update-to-the-ccleaner-5.33.6162-security-incident

Their response that the 2.3 million people who downloaded 5.33 shouldn't be affected or worry, which was known to install Malware, is insufficient. Anyone who's dealt with Windows malware knows the only way to truly get it clean is a wipe and reinstall of the OS.

Proceed with extreme caution if you're on Windows. Regards,

Tim

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug