CCleanerK a popular Windows app for system optimization and maintenance, has at some point been hijacked by hackers, potentially tricking millions of people into installing malware on their personal computers.
The threat was discovered by security researchers at Cisco Talos, who noticed that CCleaner was triggering their malware protection systems on Sept. 13. After looking into the problem, they realized that CCleaner version 5.33 came together with dangerous malware.
To make matters worse, we're not talking about downloading the app on some shady third-party site. Users who downloaded CCleaner directly from the official site, as recently as Sept. 11, were in fact downloading the infected version of the software.
SEE ALSO: Beware, Google Play Store gets caught distributing malwareAccording to Cisco Talos, only version 5.33 of the software is affected, and the more recent 5.34 version of CCleaner is malware-free. The malware doesn't do much damage by itself, but opens up the possibility for hackers to remotely install other malware, with potentially devastating consequences.
This was confirmed by the app's maker, Piriform, which was acquired by anti-virus software maker Avast in July. In a blog post, the company's VP of Products Paul Yung said that another one of it software products, CCleaner Cloud (version 1.07.3191), has also been affected.
These two apps were "illegally modified before (they were) released to the public," the post said. "The threat has now been resolved in the sense that the rogue server is down, other potential servers are out of the control of the attacker and we’re moving all existing CCleaner v5.33.6162 users to the latest version. Users of CCleaner Cloud version 1.07.3191 have received an automatic update."
UPDATE: Sept. 19, 2017, 9:31 a.m. UTC According to Piriform, only 32-bit versions of the software are affected.
It's currently unknown who's behind the hack, or how they managed to sneak malware into official CCleaner installs. "At this stage, we don’t want to speculate how the unauthorized code appeared in the CCleaner software, where the attack originated from, how long it was being prepared and who stood behind it," Yung said.
The CCleaner app is very popular -- Piriform claimed 2 billion CCleaner downloads and 5 million desktop installs weekly as of Nov. 2016. The infected version of the software was released on Aug. 15, meaning that millions of users are potentially at risk.
While Piriform claims that it was "able to disarm the threat before it was able to do any harm," it's unclear whether this is really the case. Users who'd had undetected malware on their computers for (potentially) a month could've had their data stolen or their systems compromised in other ways.
Unfortunately, there's very little users could've done to prevent this from happening, as the malware came with an official app, hosted on an official server. Everyone who installed CCleaner in the period from August 15 until now should update to the newest version of the software and run an anti-malware scan.
Topics Cybersecurity
Best robot vacuum deal: Save $500 on Roborock Qrevo Edge
Wordle today: The answer and hints for June 22, 2025
So... You Want to Become a Penetration Tester?
AI is helping creators go 'global from Day 1'
Best LG B4 OLED TV deal: Save $200 at Best Buy
Apple is looking into buying Perplexity AI
Best gaming deal: Get the Lenovo Legion Go for $200 off at Amazon
How to set up a Microsoft passkey before August deadline
The rise of YouTube: 20 years of creators, culture, and content at VidCon
Today's Hurdle hints and answers for June 21, 2025
Tips for Playing PlayerUnknown's Battlegrounds
Wordle today: The answer and hints for June 22, 2025
How to use YouTube Shopping: Tips from VidCon 2025
OtterBox 15W MagSafe wireless charging stand: $14.95
Here's how I feel about all this Stephen Hawking 'news' going around
Jon Bernthal's Punisher will be back in 'Spider
Honduras vs. El Salvador 2025 livestream: Watch Concacaf Gold Cup for free
How CPUs are Designed and Built
Best Dyson deal: Save over $100 on Dyson V11 Origin cordless vacuum
BTS is done with military service, and the internet is thrilled
Shocked capybara from 'Planet Earth II' is the internet's new heroNew artificial intelligence technique could erase fear from your brainJay Pharoah breaks out his bigly Donald Trump impression at the AMAsAn advanced weather satellite will launch to space Saturday: Watch it hereBest and worst moments of the 2016 American Music AwardsAlec Baldwin responds to Donald Trump's latest 'Saturday Night Live' attackApple will replace batteries on iPhone 6S devices that are unexpectedly shutting downThe harsh reality that dog petting polar bears don't existIs red wine destined to become the new rosé?Pissed off fans get refunds after disastrous Kanye West showLady Gaga'a countryArguments over the true colour of these stupid flip flops can now ceasePartying gets dangerous as teens Snapchat balcony hoppingBritish model issues lengthy, sincere apology for cultural appropriationThis podcast will help you fall (and stay) asleepAmericans are now fighting over where Melania and Barron Trump will liveBest and worst moments of the 2016 American Music AwardsNetflix announces not one, but three new Dave Chappelle specialsJay Pharoah breaks out his bigly Donald Trump impression at the AMAsApple's holiday ad delivers heartfelt chills Adorable barber shop dog just wants a little off the ears, please Inspirational photo shows the real dedication of working moms Facebook sets up holiday pop Boy tries to single Kim Kardashian, Chrissy Teigen defend North West's passion for fashion Here's why drinkers should hit the gym UPS is getting dragged for a super Scrooge Elon Musk is ready and tweeting ahead of his tunnel opening party Intense video shows the moment a diver was attacked by a great white shark Apple Music Connect joins Ping in the graveyard of Apple services Facebook pushes back on claims that outside fact This ladder is just running away like a coward YouTube announces it removed more than 58 million videos last quarter Donald Trump will attend 9/11 memorial event at ground zero The 'Neo Yokio' holiday special is an anticolonialist fever dream 40 easy (and free) ways to feel festive this holiday season 400 students showed up to sing to their teacher battling cancer Clinton camp reveals pneumonia diagnosis after 9/11 event The 22 most romantic pop culture moments of 2018 Pacific Life pulls Tucker Carlson ads as the Fox host faces backlash