Recent versions of utility program CCleaner shipped with a hidden backdoor

Robyn Valdez
September 20, 2017

CCleaner, the computer-optimizing tool made by software company Piriform, was successfully infected by malware, according to security firm Cisco Talos.

CCleaner, developed by Piriform, is free software created to clean-up a user's computer and remove unwanted files.

Cisco Talos, who first spotted CCleaner's vulnerability before informing Piriform, said that the compromised software may have already affected millions of users, and the extent of the damage done by the attack is still unclear.

Note to criminals: I was not using version 5.33.6162.

Manchester United overcame tough test against Everton - Ander Herrera
It does not look too good at the moment but I know we are more than good enough to turn this around. "Be realistic. "If we get the positives from here and show for the next game, I believe we will grow and we will come (good)".

According to an alert from Cisco Talos, once the malware was installed, attackers could potentially gain access to the user's computer and other connected systems to steal sensitive personal data and/or credentials that could be used for online banking or other online activities.

The affected software included version 5.33.6162 of CCleaner, and version 1.07.3191 CCleaner Cloud for 32-bit Windows, which were released on 15 August and 25 August, respectively.

The August version of CCleaner was discovered containing the issue of vulnerability. As a result, computers sent IP addresses and a list of installed applications from the users' computers to a server located in the US.

Avast believes that 2.27 million users had downloaded the infected software on their 32-bit Windows machines.

Europa League: Iwobi inspires Gunners win
It was reported that around 20,000 supporters of the German club had made the journey to north London for the group stage opener. Tonight's game takes place at the Emirates stadium while kick-off is scheduled for 20:05 (GMT).

"To the best of our knowledge, we were able to disarm the threat before it was able to do any harm", said Mr Yung.

"The compromise could cause the transmission of non-sensitive a 3rd party computer server in the U.S.", the company said. If you're still anxious, or want to ensure you've got the most recent version of CCleaner, you can reach their download page here and do it yourself.

Yung declined to speculate on how the code appeared in CCleaner or where the attack originated from.

To assure CCleaner users that they won't be compromised like this again, Avast also started moving the Piriform build environment to the Avast infrastructure and will move the Piriform staff to the Avast internal IT System.

Palace announces Prince William, Kate expecting third child
But it is not yet clear whether the Duchess, who is less than 12-weeks pregnant, will be well enough to join the school run. Due to this, she canceled her scheduled engagement at the Homsey Road Children's Centre in London on the same day.

Supply chain attacks like this are often a very effective way to distribute malware into organizations, because attackers are relying on the trusted relationship between a manufacturer or supplier and their customer, Cisco Talos wrote in their report.

Other reports by Info About Network

Discuss This Article