❗️
Backdoor in Win 10 Tweaker
In the pursuit of privacy, most users do not even suspect how they voluntarily share their data with the developers of various programs that supposedly protect the user’s privacy.
We are talking about the program “Win 10 Tweaker” in which the user “Sanctuarys” from the resource “Habr” found a backdoor that was noticed back in the fall of 2020.
Win 10 Tweaker is a well-known program that is used to disable data collection in Windows 10. “Sanctuarys” installed the program itself from the official site. Granted all requested permissions and then started listening to application traffic.
Win 10 Tweaker downloaded from this resource is an executable code written in C# that writes to the registry instructions to remove the user’s first 50 installed programs. When you first log in or log out of your account, these programs are their own uninstallers.
In the fall, on the same website found a C# code that sets a password for the account “Rock5taR”. That is, if you have Win 10 Tweaker installed, a developer can execute any code on your PC from this site.
Let’s put it even simpler, your PC is in the wrong hands because of one installed program. The code is executed, requested and executed through Win 10 Tweaker.
What should I do? Uninstall Win 10 Tweaker and clean section “Startup” from suspicious programs.
And it’s better for Microsoft to collect your data than for someone to do something on your PC.