Hackers have accessed a computer used to develop the popular PC optimizing software and added malicious code.
(CCM) — CCleaner, the hugely popular free software which speeds up computers, has been hacked, and users of the affected versions could become infected with ransomware and other malware, according to a Reuters report.
The version of CCleaner which was released in August included remote administration software which made attempts to connect to various websites to download additional software such as ransomware without the knowledge of users, according to Craig Williams, a security researcher at Cisco.
Because the affected software was digitally signed, it appears that unknown hackers gained access to one of the computer systems used to develop CCleaner without the developers detecting the breach. Since CCleaner does not update itself, users of version 5.33.6162 (and version 1.07.3191 of CCleaner Cloud) will continue to be at risk unless they delete the software and download the latest version, which contains no malicious code. In total, more than two million users downloaded the two affected versions.
CCleaner, made by the British software firm Piriform, is downloaded about five million times every week. It removes applications, cookies, and unnecessary registry entries to speed up the devices it runs on. Pirifirm was bought by Czech Republic-based security vendor Avast in July 2017.
Image: © Piriform.