Is your computer infected? Popular free software distributed malware to millions

Hackers have successfully compromised CCleaner, the popular system maintenance tool's app by injecting malware into it and then distributed it to millions of users.

Mr Yung said the company had spotted some "suspicious activity" on 12 September that led it to discover version 5.33 had been "illegally modified" before it had been made available to the public.

The attacker added malware to the 32-bit versions of CCleaner 5.33.6162 and CCleaner Cloud 1.07.3191.

This was confirmed by the app's maker, Piriform, which was acquired by anti-virus software maker Avast in July.

Piriform advised users with CCleaner v5.33.6162 or CCleaner Cloud v1.07.3191 installed on their machines to delete them and download new versions as soon as possible (the software does not update automatically).

According to a report, CCleaner was found out to be infected.

A computer program used to help your PC run faster has reportedly become the latest victim of hackers looking to breach the security of millions of its users.

White House press secretary says Jemele Hill's comments are a 'fireable offense'
After all, she's the one who essentially compared the President of the United States to the Grand Wizard of the Ku Klux Klan. Before ascending to the " SportsCenter " chair in February, Hill and Smith co-hosted "His & Hers" on weekday mornings.

"We identified that even though the downloaded installation executable was signed using a valid digital signature issued to Piriform, CCleaner was not the only application that came with the download", wrote Cisco Talos in a blog.

The code collected information about the computer it was running on, encrypted it and submitted it to an external IP address.

"At this stage, we don't want to speculate how the unauthorized code appeared in the CCleaner software, where the attack originated from, how long it was being prepared and who stood behind it". Avast Piriform believes that the security threat was contained and tackled before the breach was able to harm any customers.

The malicious code in question is a two-stage backdoor which hooks up to a command and control server, capable of running code transmitted from a remote PC with obvious potential for various nastiness. The investigation is still ongoing.

Talos researcher Craig Williams told the Reuters news agency the attack had been "sophisticated" because it had targeted a trusted server and sought to make the booby-trapped version look legitimate.

To assure CCleaner users that they won't be compromised like this again, Avast also started moving the Piriform build environment to the Avast infrastructure and will move the Piriform staff to the Avast internal IT System.

  • Ronnie Bowen