AfterDawn: Tech news

Piriform: CCleaner malware disaster was caused by a hacker

Written by Petteri Pyyny @ 19 Sep 2017 5:22 User comments (1)

Piriform: CCleaner malware disaster was caused by a hacker It was revealed recently that super-popular computer cleaning software CCleaner included malware with its official distribution package. Now, the details of this disaster have been unfolded.
In Reuters article the author company behind the CCleaner, British Piriform, tells about the incident. According to them, a hacker had breached their systems sometime back in August and gained access to resources that allowed hacker to inject malicious code to the official distribution package, while still having the official CCleaner security certificate attached to the package.

Malware was distributed with CCleaner version v5.33 that was released in August. According to Piriform, more than 2 million users had downloaded that specific version and were therefor breached.



Malware itself only worked in 32-bit Windows versions and required administrator right in order to run properly. It collected information about the victim's computer, victim's installed software and files. According to Piriform, malware had elements to download more software and install them, but those elements weren't initiated by the malware before its detection.

Malware was detected by Cisco's security company Talos on 12th of September. Immediately after the discovery, Talos contacted Piriform's owner, Avast and notified them. Avast then released a cleansed version of v5.33 on the same day and contacted U.S. law enforcement authorities. With the assistance of the U.S. authorities, they managed to shut down the U.S. -based server the malware was trying to contact.

Three days later, on 15th of September, company released a new version, v5.34, hoping that people would immediately update to the new version. However, as CCleaner doesn't do automatic updates, those more than 2 million users who installed v5.33 now need to manually uninstall v5.33 and reinstall newer v5.34 in order to get rid of the infected version.

Talos calls the hack "very sophisticated one" and users who installed the infected software had no way of knowing that the version they were installing, wasn't the authentic one.

You can download the latest, clean version of CCleaner from here:

Download latest, clean version of CCleaner (from AfterDawn's own servers)

..you can alternatively download the latest version also from Piriform's homepage.

Previous Next  

1 user comment

119.9.2017 11:27

If hacker scumbags like this only redirected their efforts to something more productive and beneficial, the world would be a better place.

I'm all about the hack but shit...if the hacker doesn't get to experience the fallout, WHAT'S THE F'ING POINT!

Comments have been disabled for this article.

Latest news

Guide: How to Kick Unwanted Guests from Your Netflix Account Guide: How to Kick Unwanted Guests from Your Netflix Account (26 Jan 2023 2:14)
Sharing a Netflix account with a person in a different location is possible and indeed very common, although the company doesn't necessarily enjoy this behavior from their customers. However, ....
Guide: Turn an Old Computer Into a Chromebook Easily and for Free Guide: Turn an Old Computer Into a Chromebook Easily and for Free (07 Jan 2023 2:11)
Do you know someone whose computer is way beyond its best-before date, and they, unfortunately, do know have the skills or the expertise to do much about it? Or do you own a pile of old laptop ....
2 user comments
How to Choose a Robot Vacuum? How to Choose a Robot Vacuum? (07 Jan 2023 9:12)
Robot vacuums are meant to make day-to-day life easier in several ways. When they are used efficiently, they can keep the house clean continuously - at least when it comes to floors. In addition, ....
2 user comments
Tech year 2022 wrapped up: The rise of the AI, EU to become the much-needed counterweight to tech giants, ... Tech year 2022 wrapped up: The rise of the AI, EU to become the much-needed counterweight to tech giants, ... (01 Jan 2023 2:11)
AfterDawn's wrap-up for the tech year 2022. The rise of the artificial intelligence was probably the most significant change that occurred during the year 2022, but there were many other interesting developments, too.
2 user comments
OPPO to follow Samsung, OnePlus: Promises 4 Android updates, 5 years of patches for upcoming flagships OPPO to follow Samsung, OnePlus: Promises 4 Android updates, 5 years of patches for upcoming flagships (21 Dec 2022 3:45)
OPPO has updated its official Android update policy. Phone manufacturer now promises four major Android operating system updates for its new flagship phones.
4 user comments

News archive