Between August 15th and September 12 Version 5.33 of the CCleaner App was released to the public for download. According to Cisco Talos, it was modified to include the Floxif malware. Floxif is a malware downloader that gathers information about the infected system and sends it back to C&C servers. The malware gathered information such as your computer name, a list of installed software, a list of running processes, MAC addresses for the first three network interfaces, and unique IDs to identify each computer in part. It is also noted that the malware only ran on 32-bit systems and would also quit execution if users were not using an administrator account.
Avast CTO said that updating CCleaner to the most recent version would fix the issue as the malware was embedded in the CCleaner binary itself. They believed that they were able to disable the threat before it did any damage to users.
Do follow Aurialite Gaming as we’ll keep you up to date with more information as soon as we get them!