The free CCleaner software was compromised with malware

Sep 20, 2017, 00:55
The free CCleaner software was compromised with malware

The malicious software was somehow injected into a downloadable copy of CCleaner, which is a desktop maintenance app, and distributed to more than 2 million users over that time period. Two versions of the software released in August were affected, the company said.

The malicious code attempted to connect computers with recently registered web domains - a common tool used by hackers to download further malware onto infected computers. "No other Piriform or CCleaner products were affected". The basic version of CCleaner doesn't include an automatic update feature, so Yung urged users to update. The just-released September 13 version is said to be clean, according to Avast, with its 2 billion users who are not affected. The unaffected version 5.34 was released on September 12, but those who downloaded the tool during the weeks that version 5.33 was available may have unwittingly installed the backdoor.

"The compromise could cause the transmission of non-sensitive data (computer name, IP address, list of installed software, list of active software, list of network adapters) to a third party computer server in the United States of America", said Piriform in this blog post.

According to the Avast, an estimated number of 2.27 million ran the malware infected software. The ulterior motive of the hackers may not be just to hack client systems' data but to break the trust of the customers on softwares like CCleaner that try to protect users from cyber threats.

More news: Recapping college football polls after Week 3

"We identified that even though the downloaded installation executable was signed using a valid digital signature issued to Piriform, CCleaner was not the only application that came with the download", wrote Cisco Talos in a blog.

"To the best of our knowledge, we were able to disarm the threat before it was able to do any harm", Yung says.

This malware was programmed to collect data from the computer.

You can download version 5.34 of CCleaner here.

More news: London bombing is reason to expand United States travel ban

CCleaner doesn't update automatically, instead opting to ask users if they'd like to update.

While Avast and Piriform are not speculating on how long the attackers might have been in the CCleaner servers, Cisco's Talos research group has made its own observations.

The good news is that Piriform has already fixed the vulnerability, taken down the server and, for those running the Cloud version (1.07.3191) of its software, the update has been automated.

More news: Dortmund game is like a final for Spurs - Pochettino