Hackers hacked Popular utility tool CCleaner (short for ‘Crap Cleaner’), which promises to clean up your system for enhanced performance. CCleaner was hacked by hackers to distribute malware directly to its users – reported by Cisco Taloss.
CCleaner is a well known security and performance booster app which has more than two billion downloads and million active users. According to CCleaner parent company Avast, Cleaner was infected with a malicious payload code that made it possible to download and execute suspicious software including ransomware and keyloggers. CCleaner developer pifiform and Avast have already confirmed the attack.
The app, which touts more than two billion downloads and over two million active users according to parent company Avast, was infected with a malicious payload that made it possible to download and execute other suspicious software, including ransomware and keyloggers.
While developer Piriform and Avast have already confirmed the attack, the good thing is that there is currently no evidence to suggest the exploit was used to install additional malware.
Along with installing malicious software, malware was also programmed to collect a bunch of user data from Users computers which includes computer name, list of installed software and windows updates, list of all running and available processes, computer MAC addresses, computer administrator information and software/hardware type etc.
Csico Talos’ report warns that the malware was found in CCleaner version 5.33, which was distributed between August 15 and September 12. What is particularly jarring is that it appears the infected app was signed with a valid certificate Symantec issued to Piriform (recently acquired by Avast).
According to reports, the malware-infected version of CCleaner was downloaded by 2.27 million users. Avast chief technical officer Ondrej Vlcek, while speaking to Forbes, said that, “2.27 million is certainly a large number, so we’re not downplaying in any way. It’s a serious incident. But based on all the knowledge, we don’t think there’s any reason for users to panic.
The best solution to overcome this issue is to download latest version for CCleaner from official website.
If you are interested in knowing more about this incident, you can read full report here.