If you are the regular user of CCleaner and downloaded the recent update on your computer, you are at a risk. The recent update of CCleaner distributed malware.
CCleaner is the software to clean up the system and optimize its performance. It was created by Piriform and recently acquired by Avast. CCleaner has over 2 billion downloads and claims to see 5 million downloads a week.
Up to 60% on SpeakersUp to 60% on Speakers on Year end sale
Researchers from Cisco Talos discovered that the download servers used by Avast were compromised by some unknown hackers who replaced the original software with malicious one and distributed it to all users for over a month.
If you downloaded or updated the CCleaner between August 15 and September 12, your system has been compromised.
Avast and Piriform have both confirmed that the Windows 32-bit version of CCleaner v5.33.6162 and CCleaner Cloud v1.07.3191 were affected by the malware.
This malware was programmed to collect data from the computer. This data includes computer name, list of installed software, list of running processes, IP and Mac addresses along with few other details
The company estimated that up to 3 percent of its users (up to 2.27 million people) could be affected by this malware. But they failed to confirm the exact figure.
If you use CCleaner, you must update it with the recent version. You can download here. Even if you are not sure you downloaded the software or updated it in given time frame, you should update it to the latest version to avoid any issue.
It is good that the malware was not very harmful and it was just collecting the information. It could be a ransomware affecting millions of users to demand Ransom. We have already seen few big attacks in recent months. Security companies like Avast should take extra care.