CCleaner Hacked

Rat

VIP Member
VIP Member
Joined
Aug 29, 2001
Messages
41,825
Reaction score
12,523
Not sure if you guys have heard about this, see it on HUKD

It looks like the software has been hacked with around 2 million people compromised.

The hack has targeted two versions of CCleaner that were released in August.

  • CCleaner v5.33.6162
  • CCleaner Cloud v1.07.3191

"For a period of time, the legitimate signed version of CCleaner 5.33 being distributed by Avast also contained a multi-stage malware payload that rode on top of the installation of CCleaner," researchers explained. "On September 13, 2017, Cisco Talos immediately notified Avast of our findings so that they could initiate appropriate response activities.

We estimate that 2.27 million users had the v5.33.6162 software, and 5,010 users had the v1.07.3191 of CCleaner Cloud installed on 32-bit Windows machines. We believe that these users are safe now as our investigation indicates we were able to disarm the threat before it was able to do any harm.

There is no indication or evidence that any additional malware has been delivered through the backdoor. In the case of CCleaner Cloud, the software was automatically updated. For users of the desktop version of CCleaner, we encourage them to download and install the latest version of the software.

Given the presence of this compilation artifact as well as the fact that the binary was digitally signed using a valid certificate issued to the software developer, it is likely that an external attacker compromised a portion of their development or build environment and leveraged that access to insert malware into the CCleaner build that was released and hosted by the organisation. It is also possible that an insider with access to either the development or build environments within the organisation intentionally included the malicious code or could have had an account (or similar) compromised which allowed an attacker to include the code."

Clean versions of CCleaner (12th September) and CCleaner Cloud (15th September) have now been released.
Hackers compromised free CCleaner software, Avast's Piriform says
 
Very sad that the very systems that are supposed to protect your system can do the exact opposite.
I wasn't aware the Piriform (UK company?) is owned by Avast.
 
  • Like
Reactions: Rat
not great news when a lot of different forums have been recommending it for years.
 
Sad news, to be honest I never liked it. Always thought it was bloated.

Mick
 
Back
Top