ccleaner forum hacked?

Discussion in 'malware problems & news' started by stapp, Nov 2, 2012.

Thread Status:
Not open for further replies.
  1. Mman79

    Mman79 Registered Member

    Joined:
    Sep 19, 2012
    Posts:
    2,016
    Location:
    North America
    What exactly are you wanting from them? Hazelnut already explained it was a hack, that's all you're entitled to know, that and that it is safe there now.
     
  2. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,171
    I would say that sites are obligated, if not legally then at least ethically, to fully disclose what information they have or can acquire about any threats their website was serving visitors and any user related information that was compromised.
     
  3. siljaline

    siljaline Registered Member

    Joined:
    Jun 29, 2003
    Posts:
    6,618
    The aim of this thread • was • to report the hack of the Piriform Forum, this is in evidence within this thread. The aim of this thread has run it's purpose unless you have additional information to report regarding the original hack, assuming you have a screen capture of the event, when it was underway.

    Disclosure of the site hack beyond the purposes of reporting the hack are beyond the scope of this Forum since, it is not the aim of another Forum to further discuss why site owners have not disclosed what weaknesses that may have possibly existed that may have allowed the site to be compromised.

    I you are interested in full disclosure of the Piriform Forum hack, register there and ask them. I highly doubt you will get any sort of detailed information.

     
  4. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,171
    Forgot to mention something... one way to try to independently monitor things is to give each company/forum you use a unique, obscure email address that has been and will be used no where else. If that email address gets hit with spam then you have a reason to suspect your account may have been compromised on the server side. If anyone has done that at the Piriform forum and sees their email address get hit, do let others know.
     
  5. FanJ

    FanJ Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    4,638
    All hazalnut, a moderator on that forum, said it was an hack while pointing to this thread here.
    In case you don't understand it, it is all about trust.
    No, I am not trying to "destroy" Piriform, far from that.
    I also understand that the general public might not be fully informed what really happened, although it would be far better that Piriform would explain as much as possible, IMHO. Once again, it is about trust. Damage control (and it wasn't even a good damage control, if at all) is one thing, gaining trust again is another thing. Trust is the big word here, and getting it back. I cannot do that for Piriform. They have to do that themselves. First step, IMHO, would be that the owner(s) explain as much as possible about what happened and, if needed, offer their apologies. That's where it starts.
     
  6. Mman79

    Mman79 Registered Member

    Joined:
    Sep 19, 2012
    Posts:
    2,016
    Location:
    North America
    But there's no need for "damage control", FanJ. This wasn't a hack of Mastercard or some other company where real damage could be done beyond a simple infection. It was some little, in the grand scheme of things, irrelevant forum for a free product. It would be like hacking Wilders, annoying for a little bit, a headache for the admins, but otherwise unimportant and not in need of some PR speech or explanation. If you lose trust in them over a hacked forum that lasted less than half a day, well that's your bag.

    Would it be kind of them to give a brief statement about it beyond "We were hacked"? Sure. Is it necessary or smart to go into the dirty details? No. That's all I have to say on it really.
     
  7. FanJ

    FanJ Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    4,638
    Hi Mman79,

    I agree, of course, that it wasn't anything like an hack on Mastercard.

    I stay with my opinion and have my own thoughts, you have yours.
    While I think you are doing exactly this damage control, let's say we agree to disagree.
     
  8. siljaline

    siljaline Registered Member

    Joined:
    Jun 29, 2003
    Posts:
    6,618
    Re: CCleaner 3.24.1850 released

    As cited in this post I fail to see how your comments have any bearing on this thread. The onus on the site owners to disclose is up to them to disclose, if they so choose to do so.

     
  9. Wild Hunter

    Wild Hunter Former Poster

    Joined:
    Oct 13, 2012
    Posts:
    1,375
  10. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    To be honest if I got infected I'd expect to find a news release of some sort from the guys at cc, I'd be informed but a little peeved to have to read some place else I'd been infected by some exploit kit, but there's still time.
     
  11. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,752
    Location:
    Toronto Canada
    This should be no issue for the sandboxie guys. Right?;)
     
  12. pwillener

    pwillener Registered Member

    Joined:
    Apr 24, 2006
    Posts:
    133
    Location:
    Tokyo, Japan
    Looks like the (or a similar) problem is back on the Piriform forum; I get this when trying to view any page
    I can get to the main page http://forum.piriform.com/index.php but not into any forum, nor is there any login link.
     
  13. Mman79

    Mman79 Registered Member

    Joined:
    Sep 19, 2012
    Posts:
    2,016
    Location:
    North America
    That doesn't look like a hack issue, nor are any of my security measures sounding any alarms there.
     
  14. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    23,936
    Location:
    UK
    Could just be they are working on getting some bits of the original database back. The attack the other day meant all members icons were wiped.

    No warning here just the error message.
     
  15. pwillener

    pwillener Registered Member

    Joined:
    Apr 24, 2006
    Posts:
    133
    Location:
    Tokyo, Japan
    Right; that is quite possible. I also didn't get any alert this time.
     
  16. alan_b

    alan_b Registered Member

    Joined:
    Nov 13, 2008
    Posts:
    100
    Location:
    Lancashire, England
    I am suffering exactly the same today.

    This is NOT the same as two days ago.

    Today I can enter
    http://www.piriform.com/products
    and select "Support" and drop down to "Community Forum", and when I click I immediately am SWITCHED to the Top Level Forum.
    http://forum.piriform.com/
    and that shows me all the sub-forums,
    and only when I click on a sub-form do I immediately get a white page with
    Two days ago was similar excepting that I never got the Top Level Forum,
    instead a "php error" that was similar to "today's" error EXCEPTING
    it included a reference to a "Pear" image which I believe referred to the icon/image of a Pear that replaces the letter "o" in the word "Piriform" at the very top of the page
    http://forum.piriform.com/

    Another difference is that two days ago the very first error was preceded by my PaleMoon browser (based on Firefox) telling me a Plugin needed to be installed.
    I did not suspect malware BUT followed my safety habit that I do NOT let anything install.
    I thought it was a one-time error so retried several times via different routes,
    and each time had the identically same "php error" but NO further Plugin installation messages.

    When later that day I found the site had been hacked I downloaded MBAM and performed a full in depth scan of my entire system.
    I found nothing to report other than my secondary HDD had 3 off "Potentially Unwanted Programs",
    which were all high powered tools from Nirsoft which I fully trust.
    Piriform was hacked but I was NOT infected - perhaps because I chose to avoid installing an unknown "Plugin".
    N.B. I also have full trust in my entire Comodo Security suite,
    and believe both its A.V. and "Defense +" Behaviour Blocking would have protected had I allowed Plugin Installation.

    Today there has been no Plugin Installation request,
    which suggests that if today is another malicious attack it has a different nature and a different way of delivering its payload.

    Yesterday the site was working fairly well but still damaged.
    I do not know if today's problem is the result of :-
    administrators working backwards to fix the damage;
    or a further attack.

    Alan
     
  17. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    23,936
    Location:
    UK
    Looking at the error message it seems to be an error related to cache issues for forum skins. Piriform have their own skin (to show pears etc) and as this is not working I think that may be what they are trying to repair.
     
  18. pwillener

    pwillener Registered Member

    Joined:
    Apr 24, 2006
    Posts:
    133
    Location:
    Tokyo, Japan
    Looks like they are trying very hard to get the forums back (and possibly more secure); for the last two days I'm getting this on the top of the forum:
     
  19. TheQuest

    TheQuest Registered Member

    Joined:
    Jun 9, 2003
    Posts:
    2,304
    Location:
    Kent. UK by the sea
    Hi pwillener
    It up now. 23:00 [UK time [GMT]] :)

    Take Care
    TheQuest :cool:
     
  20. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    23,936
    Location:
    UK
    Still quite a few teething problems but at least it's back, and I assume they will be working behind the scenes to get all the forum bits and pieces back on track.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.