Hackers hid malware in official CCleaner app and millions are at risk
CCleaner, a popular Windows app for system optimization and maintenance, has at some point been hijacked by hackers, potentially tricking millions of people into installing malware on their personal computers.
The threat was discovered by security researchers at Cisco Talos, who noticed that CCleaner was triggering their malware protection systems on Sept. 13. After looking into the problem, they realized that CCleaner version 5.33 came together with dangerous malware.
To make matters worse, we're not talking about downloading the app on some shady third-party site. Users who downloaded CCleaner directly from the official site, as recently as Sept. 11, were in fact downloading the infected version of the software.
SEE ALSO:Beware, Google Play Store gets caught distributing malwareAccording to Cisco Talos, only version 5.33 of the software is affected, and the more recent 5.34 version of CCleaner is malware-free. The malware doesn't do much damage by itself, but opens up the possibility for hackers to remotely install other malware, with potentially devastating consequences.
This was confirmed by the app's maker, Piriform, which was acquired by anti-virus software maker Avast in July. In a blog post, the company's VP of Products Paul Yung said that another one of it software products, CCleaner Cloud (version 1.07.3191), has also been affected.
These two apps were "illegally modified before (they were) released to the public," the post said. "The threat has now been resolved in the sense that the rogue server is down, other potential servers are out of the control of the attacker and we’re moving all existing CCleaner v5.33.6162 users to the latest version. Users of CCleaner Cloud version 1.07.3191 have received an automatic update."
UPDATE: Sept. 19, 2017, 9:31 a.m. UTC According to Piriform, only 32-bit versions of the software are affected.
It's currently unknown who's behind the hack, or how they managed to sneak malware into official CCleaner installs. "At this stage, we don’t want to speculate how the unauthorized code appeared in the CCleaner software, where the attack originated from, how long it was being prepared and who stood behind it," Yung said.
The CCleaner app is very popular -- Piriform claimed 2 billion CCleaner downloads and 5 million desktop installs weekly as of Nov. 2016. The infected version of the software was released on Aug. 15, meaning that millions of users are potentially at risk.
While Piriform claims that it was "able to disarm the threat before it was able to do any harm," it's unclear whether this is really the case. Users who'd had undetected malware on their computers for (potentially) a month could've had their data stolen or their systems compromised in other ways.
Unfortunately, there's very little users could've done to prevent this from happening, as the malware came with an official app, hosted on an official server. Everyone who installed CCleaner in the period from August 15 until now should update to the newest version of the software and run an anti-malware scan.
Featured Video For You
Sticker photos that come to life might just be cooler than instant film
(责任编辑:行业动态)
- The Composer Has No Clothes
- 'Never Give In' is part of United's DNA: Solskjaer
- 'Watch Dogs: Legion' preview: Four hours of 'Far Cry 2' memories
- US envoy for North Korea to meet with incoming gov't officials
- I used the Pixel 9 Pro XL in the shower — does the screen work when wet as claimed?
- I Deleted All My Social Accounts: Three Weeks Without Social Media
- iPhone users blame Apple Music for quickly draining battery
- Aerial tanker heads to Kazakhstan to repatriate remains of Korean freedom fighter
- 文明参与交通 共享和谐畅通
- Trump won't stop making a deceptive bird claim. Experts debunk it.
- Confederate flag license plates at all
- 强化监管力度 保证市场秩序井然
- iPhone users blame Apple Music for quickly draining battery
-
Essential Apps to Install on your Windows PC or Mac
You just bought a new laptop, built a new desktop PC, or are simply clean installing on a new solid ...[详细] -
Meet White Castle's new robot chef, Flippy
Move over human grill cooks, White Castle is teaming up with Miso Robotics to test an automated sous ...[详细] -
YouTube will block copyright trolls from swiping creators’ revenue
YouTube is making good on its promise to defend its creators from copyright trolls, specifically thi ...[详细] -
Instagram let a marketing company scrape users' location data
Speaking at the 2019 F8 developers' conference, Mark Zuckerberg assured the gathered crowd that "the ...[详细] -
Secretary of State Antony Blinken speaks during a joint news conference with NATO Secretary General ...[详细]
-
Putin fall White House visit sought by Trump, Sanders says.
Nooooooooooo:In Helsinki, @POTUS agreed to ongoing working level dialogue between the two security c ...[详细] -
Foreign ministry ‘closely monitoring’ situation in Afghanistan
Ministry of Foreign Affairs (Yonhap)South Korea is closely monitoring the situation in Afghanistan, ...[详细] -
Remains of Korean independence fighter Hong Beom
An honor guard of South Korea's military carries a portrait of Hong Beom-do, a historic independence ...[详细] -
Ruling bloc divided on foreign nannies' pay
A hundred Filipina domestic helpers arrive at Incheon Airport on Aug. 6. (Pool photo via Yonhap)Sout ...[详细] -
Every Apple, Google, and Samsung phone you can buy with a headphone jack
In the not-too-distant past, you used to be able to buy a smartphone knowing that any pair of headph ...[详细]
- 10 Places to Get to Know Paul Bunyan
- 肿瘤患者的福音 射频消融治疗肿瘤
- US envoy for North Korea to meet with incoming gov't officials
- Instagram let a marketing company scrape users' location data
- To Russia, with Love
- Military to spend W37.5b for drone purchase next year
- North Korea urges tighter antivirus efforts against prolonged COVID