The Floxif Trojan hit the world hard after hackers secretly modified CCleaner and CCleaner Cloud versions to distribute malware.
The crooks had the opportunity of a lifetime, and their malicious modifications to the legitimate security software (meant to serve 32-bit Windows operating systems) remained undetected for nearly a month. The hackers' malicious program ended up being downloaded onto approximately 2.27M operating systems. There is a variety of Trojans that we have already investigated, like Ticno and Proteus. Read those articles if you need more details about such malware samples. According to an ongoing investigation, the Floxif virus was inserted into CCleaner by a group called Axiom. This means that crooks from China managed to target American companies once again, and this is definitely not the last time. Back in 2014, 43,000 computers belonging to people in the US fell victim to the Axiom hackers (Axiom attack).
Tainted CCleaner versions distributed Floxif Trojan virus
Before beginning our article, we have to stress that the owners of CCleaner, Piriform Ltd, had nothing to do with the malicious activity that their product unknowingly initiated. The software was hacked, and the crooks managed to modify the official installers. As soon as the software was downloaded, the Floxif Trojan would begin collecting information and sending it to the cybercriminals. CCleaner is nothing like rogue security applications such as CyboScan PC Optimizer. Piriform issued an official statement on their blog and explained that their software had been illegally modified to infect their clients with malware (Official post of Piriform).
Security researchers from Cisco Talos were the ones to make this disturbing discovery while they were examining new tools for exploit detection. You can imagine how surprised the security researchers were to realize that the tainted version of CCleaner had been signed with a valid digital certificate and originated from the official program's page (Cleaner: a vast number of machines at risk). The malware mainly fed the cybercriminals technical information about devices: installed software, computer names, running processes, MAC addresses, and IDs that identify each computer. Although it was presumed that this data-gathering was the only activity the Floxif malware completed, new revelations suggest a different scenario. As it appears, malware was indeed downloaded by the Trojan on approximately two dozen computers (Trojan delivered secondary payloads).