Hackers hid malware in official CCleaner app and millions are at risk
CCleaner, a popular Windows app for system optimization and maintenance, has at some point been hijacked by hackers, potentially tricking millions of people into installing malware on their personal computers.
The threat was discovered by security researchers at Cisco Talos, who noticed that CCleaner was triggering their malware protection systems on Sept. 13. After looking into the problem, they realized that CCleaner version 5.33 came together with dangerous malware.
To make matters worse, we're not talking about downloading the app on some shady third-party site. Users who downloaded CCleaner directly from the official site, as recently as Sept. 11, were in fact downloading the infected version of the software.
SEE ALSO:Beware, Google Play Store gets caught distributing malwareAccording to Cisco Talos, only version 5.33 of the software is affected, and the more recent 5.34 version of CCleaner is malware-free. The malware doesn't do much damage by itself, but opens up the possibility for hackers to remotely install other malware, with potentially devastating consequences.
This was confirmed by the app's maker, Piriform, which was acquired by anti-virus software maker Avast in July. In a blog post, the company's VP of Products Paul Yung said that another one of it software products, CCleaner Cloud (version 1.07.3191), has also been affected.
These two apps were "illegally modified before (they were) released to the public," the post said. "The threat has now been resolved in the sense that the rogue server is down, other potential servers are out of the control of the attacker and we’re moving all existing CCleaner v5.33.6162 users to the latest version. Users of CCleaner Cloud version 1.07.3191 have received an automatic update."
UPDATE: Sept. 19, 2017, 9:31 a.m. UTC According to Piriform, only 32-bit versions of the software are affected.
It's currently unknown who's behind the hack, or how they managed to sneak malware into official CCleaner installs. "At this stage, we don’t want to speculate how the unauthorized code appeared in the CCleaner software, where the attack originated from, how long it was being prepared and who stood behind it," Yung said.
The CCleaner app is very popular -- Piriform claimed 2 billion CCleaner downloads and 5 million desktop installs weekly as of Nov. 2016. The infected version of the software was released on Aug. 15, meaning that millions of users are potentially at risk.
While Piriform claims that it was "able to disarm the threat before it was able to do any harm," it's unclear whether this is really the case. Users who'd had undetected malware on their computers for (potentially) a month could've had their data stolen or their systems compromised in other ways.
Unfortunately, there's very little users could've done to prevent this from happening, as the malware came with an official app, hosted on an official server. Everyone who installed CCleaner in the period from August 15 until now should update to the newest version of the software and run an anti-malware scan.
Featured Video For You
Sticker photos that come to life might just be cooler than instant film
-
Norris stuns Verstappen at Dutch GPFacebook seems to think it can advertise to more U.S. millennials than actually exist爱心汇聚能量 真情共筑希望Pakistani social media star Qandeel Baloch was a revolutionary.水产品占“四席”!广州南沙十个农产品上榜“国字号”Alloy nanoparticles cut cost of platinum and increase life of hydrogen fuel cellsWe hardly knew ye, TrumpApple could use a different set of names for the next iPhonesYes, big spiders are spreading in the U.S. No, they're not flying.Mike Pence's religion: Why the Trump VP pick is quiet about his beliefs.
- ·21 Unexpected Wonders in Colorado’s Vibrant Cities and Small Towns
- ·The terrifying domestic horror of Netflix's 'The Haunting of Hill House'
- ·N. Korea unresponsive to regular contact via inter
- ·Texas voter ID law ruled illegal under the Voting Rights Act.
- ·The AI stock bubble has burst. Here's how we know.
- ·N. Korea holds politburo session on agriculture without leader Kim's attendance
- ·S. Korea mulls tightening sanctions against N. Korea over missile launches
- ·China bans ICOs for being full of fraud and pyramid schemes
- ·Cheap heat
- ·These award
- ·7 best celebrities to dress up as for Halloween
- ·Two 'Bachelor: Vietnam' contestants who fell in love on the show are now a couple
- ·24 Museums Dedicated to Black History
- ·Hands on with the LG V30's video recording
- ·Catholics in Korea increased nearly 50% over past 20 years: report
- ·Moon’s security adviser to hold 3
- ·Which is Faster for Gaming, Windows 10 or Windows 11?
- ·S. Korea mulls tightening sanctions against N. Korea over missile launches
- ·BBC presenter wins posthumous radio award for cancer podcast
- ·积极应对施工难题保质保量完成建设
- ·Garmin Fenix 8 vs. Apple Watch Ultra: The Fenix wins big on battery life
- ·8月 我市列入省重点工业及技改项目完成投资13亿余元
- ·N. Korea fires 2 ballistic missiles into East Sea: S. Korean military
- ·Alloy nanoparticles cut cost of platinum and increase life of hydrogen fuel cells
- ·New Grok response directs users to Vote.gov for election questions
- ·Atletico see off Levante for third win on the bounce
- ·Expanded police surveillance will get us “broken windows” on steroids.
- ·North Korea fires ballistic missiles as US aircraft carrier prepares for drills with South Korea
- ·8月 我市列入省重点工业及技改项目完成投资13亿余元
- ·为产业重建把脉问诊 为“双攻坚”建言献策
- ·Revolutionary grid
- ·RED reveals how the 'holographic display' in its Hydrogen phone works
- ·从化岭丰糯荔枝,全国银奖!
- ·“银发族经济”有待开发
- ·Footage of Kim Yo
- ·Texas voter ID law ruled illegal under the Voting Rights Act.