CCleaner Hacked With Malware: What You Need To Know
PCWorld|November 2017
CCleaner Hacked With Malware: What You Need To Know

More than 2 million users possibly at risk.

Michael Simon

It seems that CCleaner, one of PCWorld’s recommendations for the best free software for new PCs (go.pcworld.com/fspc), might not have been keeping your PC so clean after all. In an in-depth probe of the popular optimization and scrubbing software, Cisco Talos (go. pcworld.com/ssct) has discovered a malicious bit of code injected by hackers that could have affected more than 2 million users who downloaded the most recent update.

On Sept. 13, Cisco Talos found that the official download of the free versions of CCleaner 5.33 and CCleaner Cloud 1.07.3191 also contained “a malicious payload that featured a Domain Generation Algorithm as well as hardcoded Command and Control functionality.” What that means is that a hacker infiltrated Avast Piriform’s official build somewhere in the development process build to plant malware designed to steal users’ data.

Cisco Talos suspects that the attacker “compromised a portion of (CCleaner’s) development or build environment and leveraged that access to insert malware into the CCleaner build that was released and hosted by the organization.” As such, customers’ personal information was not at risk.

articleRead

You can read up to 3 premium stories before you subscribe to Magzter GOLD

Log in, if you are already a subscriber

GoldLogo

Get unlimited access to thousands of curated premium stories, newspapers and 5,000+ magazines

READ THE ENTIRE ISSUE

November 2017