CCleaner: 2m users install anti-malware program … that contains malware

Hackers hid malware in CCleaner antivirus software

CCleaner has gotten compromised in a massive security breach which could affect upwards of 2.27 million users of the popular clean-up software. In a blog post, the company's VP of Products Paul Yung said that another one of it software products, CCleaner Cloud (version 1.07.3191), has also been affected.

In Reuters article the author company behind the CCleaner, British Piriform, tells about the incident. Everyone who installed CCleaner in the period from August 15 until now should update to the newest version of the software and run an anti-malware scan.

Avast encourages anyone using CCleaner to upgrade to version 5.34 or higher.

"The compromise could cause the transmission of non-sensitive data (computer name, IP address, list of installed software, list of active software, list of network adapters) to a third party computer server in the U.S.", said Piriform in this blog post. After further investigation, Piriform discovered that the program had been "illegally modified before it was released to the public", meaning that users who downloaded the CCleaner installer from the official website were actually receiving a compromised version of the software. Today, developer Piriform has acknowledged that recent versions of CCleaner and CCleaner Cloud have been compromised with a hidden backdoor, though the company says that it has since disarmed the threat (via Windows Central).

However, those running the standard version will want to ensure they have updated to the latest version, particularly if they downloaded it in the past month.

More news: BSF jawan killed in Pak firing along Jammu border
More news: Trump uses London 'terror' attack to promote his 'Muslim ban'
More news: Dembele buzzing after winning Barcelona debut alongside Messi

"We confirmed that this malicious version of CCleaner was being hosted directly on CCleaner's download server as recently as September 11, 2017", the researchers wrote. The CCleaner software contains the proper digital certificate which will make the computers to trust the program automatically.

A popular PC maintenance application distributed malicious code for a period of almost one month after hackers apparently accessed the company's servers, according to both the firm and independent security researchers.

Yung declined to speculate on how the code appeared in CCleaner or where the attack originated from.

"There is nothing a user could have noticed", Reuters quoted Talos researcher Craig Williams as saying.

Related News:



Most liked

Sunday evening: Maria is now a hurricane
The storm's sustained winds remained at 90 miles per hour and the storm was moving northwest at 9 miles per hour . Risky surf and rip currents are expected along the east coast of the United States as Jose moves closer to land.

India says Rohingya pose a 'security threat'
The immigrants are spread over Jammu, Hyderabad , Haryana, Uttar Pradesh, Delhi-NCR and Rajasthan. The Rohingya are one of Myanmar's many ethnic minorities in the Buddhist-majority nation.

Clemson passes Oklahoma for No. 2 ranking
Also new to the top 25 are San Diego State , Utah and OR which are ranked 22nd, 23rd and 24th, respectively. Ohio State ran all over the Sooners with 291 rushing yards in a 45-24 win in Norman, Oklahoma, last season.

Oppose the Graham-Cassidy health reform bill
Bill Cassidy (R-LA), would repeal the individual and employer mandate as well as a number of the taxes established under the ACA. Rand Paul , R-Ky., has said he will not vote for the measure because it leaves too much of the Affordable Care Act in place.

Asaduddin Owaisi asks Narendra Modi not to view Rohingyas as Muslims
The central government on Thursday in their "unfinalised affidavit" had said that Rohingyas pose a security threat to the country. Union Minister of State for Home Kiren Rijiju told the media that no affidavit has been filed in the Supreme Court on the issue.

Kaspersky Labs' Banned by US, Amid Security Concerns
The Kremlin has criticized the United States government's latest ban, describing it as unfair competition. Already the large retailer Best Buy has decided not to sell Kaspersky products in its stores.

Wenger surprised game went ahead after crowd problems
Only 3,000 tickets are available to away supporters but that has not stopped many more making the journey from western Germany. It's finally here, the day we've been dreading since the final day of last season, match day 1 of the Europa League .

Cardinals' David Johnson dislocated wrist in Week 1
Arians was referring to Johnson's rookie season, when he took over as starter when Chris Johnson went down with a knee injury. Johnson had 1,239 rushing yards, 870 receiving yards and 20 total touchdowns in 2016, his first All-Pro season of his career.

Poland fall to no.6 in Federation Internationale de Football Association ranking
At the top of the pile Germany ousted previous top side Brazil , with Portugal , Argentina and Belgium rounding out the top five. India has played three matches in the last one month, with two wins (against Macau and Mauritius) and a draw ( St.

Sanders Suggests ESPN Anchor Should Be Fired For Calling Trump 'A Bigot'
ESPN , for their part, have not fired Hill, although they did release a craven statement calling the comments "inappropriate". Hill had tweeted: " Donald Trump is a white supremacist who has largely surrounded himself w/ other white supremacists".

Democrats on Voter Fraud Panel Join Those Criticizing It
More than 6,500 people using out-of-state driver's licenses registered to vote in New Hampshire on November 8. Kander said he was among 200 people protesting the voter fraud commission meeting in Manchester.

IOC Makes It Official: Stage Set for LA to Host 2028 Olympics
The announcement follows the IOC's landmark July decision to award both Summer Olympics simultaneously. The IOC had said it did not want to create any "losers" in this process.

Man chops through debris to clear roadway after Hurricane Irma hits Florida
Hurricane Irma made landfall in Florida over the weekend, causing widespread damage, leaving millions of people without power. The military will distribute food and help evacuate 10,000 Keys residents who did not leave before the storm , the U.S.

Eriksen: Spurs stronger in Champions League this season
We've got to perform on the big stage . "With Wembley, we need to adapt our game", said boss Mauricio Pochettino . But despite the intimidating opposition, Pochettino wants his side to make a fast start to the campaign.

Trump admin appeals travel ban refugee ruling to Supreme Court
Under the terms of Trump's order, the 90-day travel ban would end before the arguments even happen - on September 27. Lower courts blocked both provisions, but the Supreme Court in June allowed certain parts to stand provisionally.