Have you downloaded or updated CCleaner in the last month? If so, make sure that you read this blog post to find out more about the latest piece of software to get hacked.
CCleaner has put its users at risk by releasing a version of its software with Trojan and Malware included.
It has been revealed that antivirus firm Avast accidentally released a compromised version of CCleaner to its users.
CCleaner is a popular free software for improving your computer’s performance by cleaning up unused files on your computer, like downloaded files, install files and recycle bin files. Its popularity has seen its growth rate reach 5 million new users per week.
CCleaner is made by Piriform, which is owned by Avast Antivirus, a leading computer security company.
Hackers managed to infect a version of CCleaner that was released in August. This version of CCleaner was a legitimate release and certified by the developers for distribution. Users would have downloaded the software or updated their version of CCleaner to have received the corrupted version, putting their computers at risk.
Piriform has announced that the affected programs include:
It has been confirmed that 2.27 million users had downloaded the compromised version of CCleaner and approximately 5,000 users installed CCleaner Cloud.
This form of attack is a very effective way to infect computers because it preys on the trust that a user has with a supplier. CCleaner is extremely popular because it's a free tool and has been a reliable piece of software in the past.
Piriform has said that they 'don't want to speculate how the unauthorised code appeared in the CCleaner software' at this stage.
But, for the software to have been affected by the malware, the development environment had to have been compromised and the malware inserted before release.
Fortunately, Cisco Talos detected the issue on 13th September and notified Avast of the security risk. Avast quickly responded by removing the affected version from distribution. They have since uploaded a new version for users to download and update CCleaner, which should remedy the situation and remove the malware.
While the issue has been resolved quickly, this is particularly damaging to Avast who sell security products and who have had their own security breached.
Avast has advised users to download new versions of the software, which should resolve the issue.
However, if you have any further questions, or concerns, please contact our IT Support team.