Cisco Talos says the malicious version of CCleaner was released on August 15; it notified Piriform (CCleaner's UK-based developer, which was acquired by Avast in July) on September 13, and the server was shut down.
CCleaner is supposed to block malware, not grant access to it. This means PCs running the affected version of CCleaner might be vulnerable to keyloggers, ransomware and other similar security threats. Everyone who installed CCleaner in the period from August 15 until now should update to the newest version of the software and run an anti-malware scan.
Cisco Talos, who first spotted CCleaner's vulnerability before informing Piriform, said that the compromised software may have already affected millions of users, and the extent of the damage done by the attack is still unclear.
Piriform has said that CCleaner version 5.33.6162 on 32-bit Windows was compromised by the hackers. The malware could steal various types of data from devices, including IP addresses, network adapters and active software. Yung said, "Based on further analysis, we found that the 5.33.6162 version of CCleaner and the 1.07.3191 version of CCleaner Cloud was illegally modified before it was released to the public, and we started an investigation process." On September 15, law enforcement was able to shut down the attackers' command and control servers, and Avast released CCleaner version 5.34, which no longer contained the malware.
Piriform's CCleaner was purchased by the popular anti-virus developer Avast back in July and, according to researchers at Cisco Talos, hackers were able to compromise the software just a month later.
It is essential that all users remove the version of CCleaner containing the malware as its structure will allow it to hide on your system and update itself for up to a year.
"The compromise could cause the transmission of non-sensitive data...to a 3rd party computer server in the US", the company said. According to Piriform, the malware had elements to download and install more software, but those elements weren't initiated by the malware before its detection. Again, make sure to update to the latest version of CCleaner as soon as possible. Hackers added backdoor code to be used for additional malware uploads at a later date.