Yusuf On SecuritySecurity news, opinion and advice

Avast owned CCleaner software infects millions of users

A popular software developed by a subsidiary of Avast were infiltrated. An unknown entity maliciously hid malware in the form of backdoor in Piriform CCleaner, a widely used cleaning utility. Piriform was acquired by Avast back in July 2017.

This is the type of application used for those who are more tech-savvy to  clean debris left behind by infection or malicious changes. It is also a popular tool to speed up machines.

The 32 bit and cloud versions for Microsoft  Windows were both comprised as explained by security notification on CCleaner’s support forum. The version are CCleaner v5.33.6162 and CCleaner Cloud v1.07.3191.

This is very concerning as the malicious code in question was signed none other than the developer’s own certificate.

 

If you are using version 5.33.6162, you should upgrade to 5.33.6163. This will provide a lightweight automatic update and thus remove the backdoor from your system. Note, removing the software may not remedy the infection; an upgrade will be more effective. It is also important to know that those using the free version are out of luck as this does not include the ability to automatically update.

Author
Yusuf
Join the discussion

Further reading

What will it take?

A great piece on what it will take to improve the safety of the connected world. Read it here.

Extended detection and response (XDR)

Extended detection and response (XDR) captures threat data from previously isolated security tools throughout the organizations tech stack to enable...

Log4j Vulnerabilities

Towards the end of November, a researcher from Alibaba discovered a fault (CVE-2021-44228) in a well known open-source logging library called...

Recent podcasts