ccleaner forum hacked?

Showing a flag via ESET here.

 

Thanks Stapp

java applet, exploit

+pdf, exploit.

Upped to virustotal.

edit:

VT hashes - #search
SHA256: 9eed1841380772cfe9a1c27f40327dd717eff8d225163fbe3748063f2b7e5db0
SHA256: 433def6617e3d1167a974afa0c9275e4e900caa68ac415f05186c2ad76dc50b2

 

Thanks for the info stapp

 

I have a question please, when i went to the site, malwarebytes blocked it. Yet there are no entries in the Avira events. I see that in the V.T results Avira does detect this java exploit.
In the MBAM logs is says IP-BLOCK 46.166.147.133 (Type: outgoing, Port: 49920, Process: avwebgrd.exe )
So i am slightly confused. Avira webguard is not seeing this , right ?
Thanks in advance

 

I just tried it and Norton blocked it too, "Mass injection website"!

 

KAV did the same.

solve-putted.php Blocked:-http://46.166.147.133/m7md305/trial/solve-putted.php- (analysis using the database of malicious URLs) 2.11.2012. 11:38:53 -http://46.166.147.133/m7md305/trial/-

 

Same here for the Error but no detection from Bitdefender. It blocks the above URL by cd2

 

Please do us all a favor and unlink both URL. Thanks.

 

I'm worried about hazelnut. Hope she is safe!

 

No such problem getting to that forum for me.
MBAM Website Blocking was silent.
Norton DNS was silent.
No other security app displayed any issue with the forum.

 

No issue here either, Avast never said a word nor did Chrome. I guess they either fixed it or some clown made a spam post with an exploit in it.

 

It was real! Talking about it on their forum.

 

I never questioned that it was real... just reporting that when I tried there was no issue.

 

Nor did I question there might have been an issue. Forums don't have to be hacked however for security software to go off. One malicious post in an otherwise clean forum will set software like MBAM off. I've had Avast and Chrome block entire websites for a single link on a page. I'm glad it got settled though.

 

She is

 

No physical harm came to anyone involved.

 

Thread at the Piriform forum:
-http://forum.piriform.com/index.php?showtopic=37118

IMHO it would be good that the Piriform owner(s) explain what happened.

 

@ FanJ, A explanation from the owners would be nice.

 

Exactly, Dark Shadow. No security by obscurity.

 

That link points back to this thread !!

The onus on the site owners is, keep those that visit from getting infected, find what the site was designed for, they are under no obligation to explain what occurred at any time other than there was some down time. The event has been fixed, it's all over_

 

Yes, I am aware of that.

We have different opinions.

 

No one is owed an explanation because site administration is not the business of anyone but the site administrators/owners. Besides, the moment they open up that can of worms, every armchair security "expert" on their forum and elsewhere (here being one of them) along with those that wouldn't know an AV from an RV, will start chiming in on what should be done according to them and how they were "failed" and other nonsense. And, of course, here it would turn right into another "Hey Bob, what's your setup?" mid-thread. I'm sorry, but outside of their actual product information and issues, they don't report to us users. It was, it looks to be, just another of the prevalent website hacks we all have to deal with these days and it was dealt with. Time to move on.

 

Re: CCleaner 3.24.1850 released

Thanks; yes, I know.

Question is, are folks going to trust this without a full explanation by Piriform about what happened on their forum: https://www.wilderssecurity.com/showthread.php?t=335211

 

No, I disagree. Not time to move on.