I'm not about to go searching for malicious code from every single piece of software I've ever downloaded for 3 reasons:
1) I'm not that skilled.
2) I'm not that patient.
3) I'm not that paranoid.
I've been saying for a few years that I wouldn't be surprised if there already IS some software on my systems which has some undetected backdoor I didn't know about.
I use several layers of protection, but that doesn't make me immune to everything. I'm sure there are plenty of undetected exploits that exist, but I'm not about to go wiping my PCs on a whim or through unfounded paranoia. If these "talented" hackers really are that determined to get into systems, they'll find a way somehow. They're often not detected until it's too late and the damage is already done. Although, they wouldn't find much of interest on my PCs as I don't keep anything personal or highly sensitive on them.
This isn't the first time malicious code has been slipped into a legit piece of software, and it certainly won't be the last time.
After reading the blogs and info from Cisco, it appears these were sophisticated attacks, mostly targeting tech firms. We're talking the "type" of attacks that were at the state sponsored level (I'm not saying they were, I'm just quoting). If I were to wipe my device on the advice of the many ill-informed articles (I'm not talking about security experts here, I'm talking about some casual tech writers who I've often seen giving poor advice), then I'd be wiping my systems once a week.
The point of my original post was not meant to be about how relevant/irrelevant viruses are - it was about some of the articles jumping the gun before the facts were even out. I see a lot of it lately.
If it had come from security experts, then I would be inclined to agree with it. But, I was specifically talking about some of the sites who seem to enjoy clickbait scare-mongering. I'm not about to start wiping my systems on the advice of some 3rd rate tech writer (no offence to the decent tech writers out there). There's a big difference between those and a security expert.
There's enough fear, paranoia and scare-mongering in the world these days as it is. Most of it comes from BS articles and media. It actually puts me off a lot of the internet lately, to the point where I'm using a lot of sites much less these days. In recent years, just some of the headlines are enough to make me shake my head in annoyance.
And those particular click-bait articles don't help matters! To them they see the word Virus and it's panic stations... All hands on deck... Tell the world to wipe wipe wipe format format format! The apocalypse is upon us!
Okay that last part may be a slight exaggeration but you get my point!
If I see a post from some legit security experts telling me I'd better wipe or restore an old image - then I'll restore an old image before I go to the nuke it option.
So far, all I've seen from security experts is some info that the 2nd stage payload affected a small number of organisations, they are advising those organisations be on the safe side and re-image from backups. The advice for home users is to upgrade to the latest version of CCleaner with new signed certificates.
Until I see more concrete facts, I'm not about to go wiping all my systems, even though I did briefly have v5.33 installed on some of them. It would take me weeks to get all my systems back up and running. Actually, more like months as I plan to have a social life too!