Avast CCleaner Utility 'Installed Malware' For One Month

CCleaner software hacked to spread 'backdoor' malware to more than 2 million people

However, Piriform said it had taken action to ensure users of the affected versions of CCleaner were safe by removing them from download sites.

The distribution technique, known as a supply chain attack, is the same method used to spread NotPetya in June, which initially infected systems that installed a compromised version of a widely used Ukrainian accounting software package.

CCleaner, the hugely popular free software which speeds up computers, has been hacked, and users of the affected versions could become infected with ransomware and other malware, according to a Reuters report.

The attacker added malware to the 32-bit versions of CCleaner 5.33.6162 and CCleaner Cloud 1.07.3191.

"This (incident) is very troublesome because it indicates that attackers were able to control a critical piece of the infrastructure used by the vendor", he said.

If your system used the compromised version of CCleaner, it may actually be a smarter move to roll your system back to a date prior to the release of the versions containing the malicious code to make sure all elements of the bad code are gone. Users of our cloud version have received an automated update.

According to its parent company Avast, more than 130 million people use the performance optimisation software CCleaner.

CCleaner was developed by Piriform, which was bought by security company Avast earlier this year, prior to the recent update that contained malware.

The researchers detected the malware in the app on 13 September while performing beta testing of a new exploit detection technology. The breach could let hackers collect computer names, IP addresses, and lists of what software people use, but no sensitive data was collected, it added. "The investigation is still ongoing", said Piriform's VP of products, Paul Young.

Because the malware remains present, even after users update the CCleaner software, affected users should remove and reinstall everything on the machine and restore files and data from a backup made before 15 August.

Piriform issued a statement on September 18th, 2017.

Cisco said its records showed hundreds or thousands of systems attempting to access the control servers specified by the malware during the period it was being installed by CCleaner.

The affected version of CCleaner (v5.33) was released on August 15, which gave the malware nearly a month to infect CCleaner users.

"At this stage, we don't want to speculate how the unauthorized code appeared in the CCleaner software, where the attack originated from, how long it was being prepared and who stood behind it".

He also notes the company first noticed suspicious activity on September 12, 2017, before further investigation revealed "the 5.33.6162 version of CCleaner and the 1.07.3191 version of CCleaner Cloud was illegally modified before it was released to the public".
