The problem is that the server admins who host the CCleaner executable don't read their access logs or use good security. It's not often you hear about a program you can download having been replaced with one that carries a malware payload.
Actually, I worry about this constantly. Especially when you reboot your PC, and when it boots back up and your user logs in, you see "Command Prompt" windows quickly flash up, one or two or rarely three of them, and then they disappear. And then you start to wonder... am I compromised? Where did those come from?
It doesn't help that it's known that Windows Update does that, but what if your Reliability Monitor or Windows Update doesn't show an update from the most recent date? Again, it makes you wonder.
ALL Windows Executables should be SIGNED, including .EXE-style installers / extractors. Otherwise, this can happen. (Actually, in this particular case, wasn't it in fact signed?)
Some popular programs, like HDTune.com's free version, ImgBurn's local copy of their software, and a few others, aren't signed, and would be ripe for such an attack. (Probably already happened? Assume the worst?)
With the tech that the NSA has, they can even replace the .exe in-flight, AS YOU DOWNLOAD it, if your internet router or one in your path is compromised by them. They wouldn't even have to hack the web server.
"They say" that Windows 10 has the "best security out of any Windows version". But I wonder if it's mostly just Swiss cheese, more so than Windows 7.
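As an added example that is not part of the thread or of any commenter's post: a PowerShell check, from the defender's side, for the two points raised above about signed installers. It reports whether each downloaded .exe carries a valid Authenticode signature from the publisher you expect, and separately whether its SHA-256 matches the hash the vendor publishes. The download folder, the expected publisher string and the hash table are placeholders you replace with your own values; the hash shown is a stand-in, not a real vendor hash.

```powershell
# Added example (not from the thread): vet downloaded installers before running them.
# Placeholders: $DownloadDir, $ExpectedPublisher and $ExpectedHashes are values you
# supply from the vendor's own site; the hash below is a constructed stand-in.

$DownloadDir       = "$env:USERPROFILE\Downloads"
$ExpectedPublisher = "CN=Example Vendor Ltd*"   # placeholder: wildcard match on the signer's subject
$ExpectedHashes    = @{                          # placeholder: file name -> SHA-256 from the vendor's page
    "example-setup.exe" = "0000000000000000000000000000000000000000000000000000000000000000"
}

function Test-DownloadedInstaller {
    param([Parameter(Mandatory)][string]$Path)

    $sig  = Get-AuthenticodeSignature -FilePath $Path
    $hash = (Get-FileHash -Path $Path -Algorithm SHA256).Hash.ToLowerInvariant()
    $name = [System.IO.Path]::GetFileName($Path)

    $signer = $null
    if ($sig.SignerCertificate) { $signer = $sig.SignerCertificate.Subject }

    $result = [pscustomobject]@{
        File      = $name
        SigStatus = $sig.Status      # Valid, NotSigned, HashMismatch, UnknownError, ...
        Signer    = $signer
        SignerOk  = $false
        HashOk    = $null            # stays $null when no vendor hash is on file
        Verdict   = "REJECT"
    }

    # 1. The signature must validate AND belong to the publisher we expect.
    #    A valid signature from an unexpected publisher is still a red flag.
    if ($sig.Status -eq 'Valid' -and $signer -like $ExpectedPublisher) {
        $result.SignerOk = $true
    }

    # 2. Independently compare the file hash with the value published out of band.
    if ($ExpectedHashes.ContainsKey($name)) {
        $result.HashOk = ($hash -eq $ExpectedHashes[$name].ToLowerInvariant())
    }

    # Accept only when the signer checks out and the hash is not known to be wrong.
    if ($result.SignerOk -and $result.HashOk -ne $false) { $result.Verdict = "OK" }
    return $result
}

Get-ChildItem -Path $DownloadDir -Filter *.exe -File |
    ForEach-Object { Test-DownloadedInstaller -Path $_.FullName } |
    Format-Table File, SigStatus, SignerOk, HashOk, Verdict -AutoSize
```

The two checks are deliberately independent: a valid Authenticode signature only proves which key signed the file, not that the build was clean before signing, so a hash obtained from the vendor's page over a separate channel is the second opinion worth keeping even when the signature verifies.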