This malware mimics the cracked CCleaner application in recent campaigns

Researchers have discovered a new malware campaign in the wild that targets Windows users by imitating cracked CCleaner. The campaign uses legitimate channels, including Google search results, to lure users. Once downloaded, the malware quietly steals data and cryptocurrency details from the victim’s device.

Malware poses as a cracked CCleaner application

Avast researchers have warned users about a serious malware campaign exploiting their CCleaner tool. The campaign, identified as “FakeCrack”, spreads a powerful data-stealing Trojan by posing as pirated versions of the CCleaner application.

Since users are often interested in getting cracked versions of premium apps, such offers quickly catch their attention. Therefore, malicious campaigns exploiting this aspect of public interest prove lucrative for attackers.

Briefly, the attackers set up various malicious sites offering pirated versions of CCleaner. They even used black hat SEO techniques to push these sites to top positions on Google SERPs, increasing the chances of such websites misleading users.

After following such a malicious link, the user reaches an apparently legitimate hosting site like Mediafire.com after several redirects. This hosting site offers the file with the cracked version. Since the attackers misuse generally trustworthy file-sharing platforms in this campaign, victims are likely to download the malicious file. The attackers also protected the file with a password (which they openly announce to victims) to evade malware detection.
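As a defensive illustration of the password-protection point above (an added example, not taken from the researchers' write-up or this article): a download or mail gateway can flag archives whose entries are encrypted, because their contents cannot be scanned. It assumes the archive is a ZIP, which the article does not specify; the function names and sample bytes are constructed for this example.

```python
import io
import struct
import zipfile

ENCRYPTED_FLAG = 0x1  # ZIP general-purpose bit 0: the entry is encrypted


def encrypted_entries(data: bytes) -> list[str]:
    """Names of entries a content scanner cannot read without the password."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        return [i.filename for i in zf.infolist() if i.flag_bits & ENCRYPTED_FLAG]


def triage(data: bytes) -> str:
    """Classify a download as 'not-zip', 'scannable' or 'quarantine'."""
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return "not-zip"
    return "quarantine" if encrypted_entries(data) else "scannable"


def sample_zip() -> bytes:
    """Constructed sample: a one-entry, unencrypted, stored ZIP."""
    out = io.BytesIO()
    with zipfile.ZipFile(out, "w", zipfile.ZIP_STORED) as zf:
        zf.writestr("setup.exe", b"constructed placeholder bytes")
    return out.getvalue()


def mark_encrypted(plain: bytes) -> bytes:
    """Constructed sample: set the encryption bit in every local and
    central-directory header, as a password-protected ZIP would have it."""
    buf = bytearray(plain)
    # (signature, offset of the 2-byte flags field from the signature)
    for sig, off in ((b"PK\x03\x04", 6), (b"PK\x01\x02", 8)):
        pos = buf.find(sig)
        while pos != -1:
            (flags,) = struct.unpack_from("<H", buf, pos + off)
            struct.pack_into("<H", buf, pos + off, flags | ENCRYPTED_FLAG)
            pos = buf.find(sig, pos + 4)
    return bytes(buf)


if __name__ == "__main__":
    plain = sample_zip()
    print("plain archive:    ", triage(plain))
    print("protected archive:", triage(mark_encrypted(plain)),
          encrypted_entries(mark_encrypted(plain)))
```

The check reads only the ZIP central directory, so it says nothing about other archive formats or about archives that hide their file list.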

Once the malware reaches the target system, it gains persistence and performs malicious activities. These include stealing stored information and login credentials from browsers, stealing crypto wallet data, and scanning and extracting clipboard data.

Since all these activities take place in the background, victims can rarely detect the malware infection. Therefore, the attackers have enough time to continue stealing data and spreading the infection to other systems.

The researchers shared the technical details of this campaign in a blog post.

Beware of Fake Cracks

Installing cracked versions of software is never recommended due to the underlying security threats. Offering premium tools for free is one of the biggest attack vectors through which criminal hackers target innocent users. Therefore, users should always avoid downloading apps from untrusted or unofficial sources, even if no money is involved. Instead, users can try downloading open source alternatives from official websites, which are often available for free.

CCleaner is a legitimate Windows system cleaning utility that claims to help users with slow PC speeds. The app removes potentially unwanted apps and junk files, saving users the time of filtering out extra items themselves. Since it is popular among Windows users, it often suffers from malicious exploitation by criminals, who tend to lure users using its name.