All posts by grentech

CCleaner hacked and bundled with malware

CCleaner is a popular cleaning program that is often installed to help clean up a slow PC. It boasts that it “protects your privacy and makes your computer faster and more secure”.

A recent version of CCleaner, version 5.33, had been modified to include malware. Attackers had managed to compromise a server from which users download CCleaner. They were then able to add malware to the setup file and resign it with a legitimate certificate. This helped the malware to bypass any protections users had in place that might have otherwise stopped the installation.

The malware only affects 32-bit systems, and is removed with the latest update of CCleaner.

The malware that is included is known as Floxif. It is a Trojan that allows the attacker to run additional executable files on your PC as well as collect information regarding your PC.

If you are a user of CCleaner it is highly recommend installing the latest version from the Piriform website.

PayPal Phishing Email

An email claiming to be from PayPal is advising the recipient that their PayPal Account has been limited. To rectify the problem the email asks you to log in to your PayPal account.

The link leads to a phishing page, designed to steal your PayPal credentials. If you sign into the page your credentials (PayPal account username and password) are sent to the attacker. The attacker can then use you PayPal account to make purchases on the internet.

 

Telstra Phishing Email

Be wary of a Telstra phishing email doing the rounds. The email advises the recipient that their latest Telstra bill is available to download. Upon clicking the link you will be presented with a zip file containing a malicious javascript file. This javascript file, when run, will download a Trojan onto your PC.  A Trojan allows an attacker to remotely access your PC. This allows an attacker to possibly view what you are doing, steal passwords, or install other malware, such as ransomware onto your PC.