CCleaner Hacked Infecting Millions with Backdoor Malware

Hackers compromised CCleaner in a sophisticated attack that affected over 2 million computers, security researchers and Piriform confirmed Monday.

Cisco's Talos security group said the affected version of CCleaner was available on Piriform's website from 15 August to 12 September, or almost one month.

According to the Cisco Talos researchers, the 32-bit version of CCleaner v5.33.6162 and CCleaner Cloud v1.07.3191 contained a multi-stage malware payload that rode on top of the installation during the period between August 15 and September 12. This is an unusual attack, as antivirus software is trusted by consumers and meant to protect against this type of malware.

Despite the release of updated versions of the compromised software, the Cisco Talos research team is advising all those who downloaded the compromised versions of CCleaner to wipe their computers.

A backdoored version of CCleaner was first flagged by Cisco while a customer was beta testing its new exploit detection technology. When the Petya/NotPetya malware infected computers across Ukraine and the world in July, it was spread by an infected piece of software.

"Working with USA law enforcement, we caused this server to be shut down on the 15th of September before any known harm was done", said the company in the announcement.

"The compromise could cause the transmission of non-sensitive data...to a 3rd party computer server in the US", the company said. CCleaner is free software that can improve the performance of a computer.

Piriform told users a booby-trapped version of its CCleaner software had been made available in August and September.

The regular and cloud-based versions of CCleaner, which has been downloaded over 2 billion times worldwide as of November 2016 and adds about 5 million new users a week, have since been patched, and the US-based server to which the malicious code sent system information has been shut down.

The impact of the infection had been limited, said Mr Yung, because relatively few people automatically updated the CCleaner software.

Also, if you updated your CCleaner software during that nearly month-long block of time, things are not looking good. CCleaner users need to install version 5.34 or higher. Piriform, perhaps unsurprisingly, says everything is taken care of and you can just update and chill.

"At this stage, we don't want to speculate how the unauthorized code appeared in the CCleaner software, where the attack originated from, how long it was being prepared and who stood behind it", he said.

He apologised for any inconvenience that had been caused and said the company's investigation into the attack was "ongoing".

The Cisco Talos researchers recommended that affected systems - of which there could be thousands - should be restored to a state before August 15 2017 or reinstalled.
