Hackers have successfully breached CCleaner’s security to inject malware into the app and distribute it to millions of users. Piriform has confirmed that last month hackers were able to gain access to their servers and inject malicious software into both CCleaner and CCleaner Cloud (CCleaner v5.33.6162 and CCleaner Cloud v1.07.3191.
CCleaner has been downloaded more than 2 billion times according to Avast, 2.27 million users have been affected by the attack
The malware was also programmed to collect a bunch of user data, including:
- Name of the computer
- List of installed software, including Windows updates
- List of running processes
- MAC addresses of first three network adapters
- Additional information whether the process is running with administrator privileges, whether it is a 64-bit system, etc.
Our advice is that users of CCleaner check their apps version number to see whether or not they are using a compromised version. Users of these malicious versions of CCleaner should uninstall the app immediately and install an up-to-date version to replace it. Make sure you download the (v5.34.6207) version. It does not contain this exploit.