A popular PC cleaning software used by over 130 million people put users at risk after hackers were able to insert malware into legitimate downloads. By any chance, if you have downloaded or updated CCleaner application on your computer between the period of August 15 and September 15' 2017 from it's official website, then kindly pay attention because of high chances that your system is at huge risk.
Trustworthiness is everything when it comes to antivirus software. Malware developers are changing their attacks all the time so you have to hope that the tools you’re using to fight them are keeping up. Millions of users trust the free CCleaner by Avast/Piriform, a big name in the space, to be that tool. It was found to be hosting a "multi-stage malware payload" that could install ransomware or keyloggers that steals data from infected computers and sends it to attacker's remote command-and-control servers.
In the past, attackers would create fake alternatives of popular applications and trick people into downloading them. The trend now, however, is to attack the download source directly and gain access to legitimate servers. Once they are in, it's a case of loading the trusted software with a nefarious payload, with the end-user being none the wiser. Attackers have shown that they are willing to leverage this trust to distribute malware while remaining undetected.
What does the malware do?
It gathers information like your IP address, computer name, a list of installed software on your computer, a list of active software and a list of network adapters and sends it to a third-party computer server.
Who was infected?
According to Piriform, around 3 percent - roughly 2.27 million computers - used the infected software. Specifically, computers running 32-bit Windows 10.
How do I know if I have the corrupted version?
The versions that were affected are CCleaner v5.33.6162 or CCleaner Cloud v1.07.3191 for 32-bit Windows PCs. The Android version for phones doesn't seem to be affected. If you've updated your software since September 12, you should be ok. This is when the new, uncorrupted version was released. Also, if you have the Cloud version, it should have automatically updated itself by now to the clean version.
How to Remove Malware From Your PC?
The impact of this attack could be severe given the extremely high number of systems possibly affected. Affected users are strongly recommended to update their CCleaner software to version 5.34 or higher, in order to protect their computers from being compromised. The latest version is available for download here.
This is also just a great reminder to practice safe computer security habits in general. Also be sure to regularly scan and back up your computer to prepare for the worst. In a cyber-security world where even your official antivirus can give you a virus, you can never be too safe.
In the past, attackers would create fake alternatives of popular applications and trick people into downloading them. The trend now, however, is to attack the download source directly and gain access to legitimate servers. Once they are in, it's a case of loading the trusted software with a nefarious payload, with the end-user being none the wiser. Attackers have shown that they are willing to leverage this trust to distribute malware while remaining undetected.
What does the malware do?
It gathers information like your IP address, computer name, a list of installed software on your computer, a list of active software and a list of network adapters and sends it to a third-party computer server.
Who was infected?
According to Piriform, around 3 percent - roughly 2.27 million computers - used the infected software. Specifically, computers running 32-bit Windows 10.
How do I know if I have the corrupted version?
The versions that were affected are CCleaner v5.33.6162 or CCleaner Cloud v1.07.3191 for 32-bit Windows PCs. The Android version for phones doesn't seem to be affected. If you've updated your software since September 12, you should be ok. This is when the new, uncorrupted version was released. Also, if you have the Cloud version, it should have automatically updated itself by now to the clean version.
How to Remove Malware From Your PC?
The impact of this attack could be severe given the extremely high number of systems possibly affected. Affected users are strongly recommended to update their CCleaner software to version 5.34 or higher, in order to protect their computers from being compromised. The latest version is available for download here.
This is also just a great reminder to practice safe computer security habits in general. Also be sure to regularly scan and back up your computer to prepare for the worst. In a cyber-security world where even your official antivirus can give you a virus, you can never be too safe.