CCleaner V5.33 Malware second payload discovered
A new report by Cisco’s Talos Group suggests that the CCleaner hack was more sophisticated than initially thought. The researchers found evidence of a second payload during their analysis of the malware which targeted very specific groups based on domains. For more info go here: https://www.ghacks.net/2017/09/21/ccleaner-malware-second-payload-discovered/
Inside the CCleaner Backdoor Attack - October 5, 2017
https://threatpost.com/inside-the-ccleaner-backdoor-attack/128283/
Researchers Link CCleaner Attack to State-sponsored Chinese Hackers
http://www.securityweek.com/researchers-link-ccleaner-attack-state-sponsored-chinese-hackers
Kudos to ALF60 et al. for posting about this second payload. I've re-posted some of the links in this thread in my own thread, "Traces of Floxif Malware From Infected CCleaner v5.33 Installer", in the CCleaner forum, since Avast and Piriform were sending mixed messages yesterday about the possibility of a second payload.
------------
32-bit Vista Home Premium SP2 * Firefox ESR v52.3.0 * NS v22.10.1.10 * MB Premium v3.2.2
Hackers behind CCleaner compromise were after Intel, Microsoft, Cisco
https://www.helpnetsecurity.com/2017/09/21/ccleaner-compromise-targets/