Jump to content

ProfoundlyOblivious

Members
  • Posts

    1
  • Joined

  • Last visited

Posts posted by ProfoundlyOblivious

  1. I learned of this attack more than an hour ago through an article a friend  linked: https://www.forbes.com/sites/thomasbrewster/2017/09/18/ccleaner-cybersecurity-app-infected-with-backdoor/#1ef52507316a

     
    I congratulate you on getting in front of the news, reviewing your software, and informing your customers.  That is praiseworthy and I will not withhold due praise... but there's a but and here it comes ....  but that's not good enough, there's potentially more damage being done at this moment and it is within your power to limit it.  Piriform does not have checksums displayed on the website.  So customers, like me, can't review their download and learn if they may have been infected.
     
    I did not download CCleaner but I recognized the name immediately because it was "included" with one of your products last week.  I'll call it a concentration test.  I'm certain you know what I mean, if the customer is installing one piece of software and loses concentration then they may click a button without unchecking a box - and end up with CCleaner on their system.  Anyhow, my point is this, we both know at least one dangerous file was hosted, as your customer, I cannot confirm if the file I got last week is clean.  A customer doesn't have inside knowledge, they don't know if it was a funny prank by an employee or a serious breach.  What they know is one product took a bullet and that makes it conceivable that others may have been lined with it.  The single best thing they can do right now is confirm the integrity of their file.  At best, the numbers match and the customer is at ease - at worst, the numbers don't match and a second attack vector was discovered... This is information that we both need to know!
     
    As it is right now, I have 2 options, I either finish  scrubbing my computer and forget about ever trusting Piriform again, or I turn my computer off and wait for the numbers to be posted so I can move forward with accurate information.   Neither choice is pleasant but I really do prefer the second option.  Can you see that it gets done quickly?
     
    One last thing, I do find it amusing that Speccy has a sticky informing the readers of a false positive... this is amusing because my concern is a false negative.
     
     
    Thank you,
     
    Prof
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.