Hackers infiltrate popular free PC cleaning software


The latest security breach targeted British software firm Piriform, known for its free software CCleaner. (Image: CCleaner via CNN)

This is an archived article and the information in the article may be outdated. Please look at the time stamp on the story to see when it was last updated.

Even if you’re cautious, it’s still possible for hackers to infiltrate your computer.

The latest security breach targeted British software firm Piriform, known for its free software CCleaner. Hackers compromised CCleaner in a sophisticated attack that affected over 2 million computers, security researchers and Piriform confirmed Monday.

CCleaner deletes unneeded files and web browser caches to keep Windows computers free of junk. But hackers were able to successfully place malware into a new version, released in August. This allowed them to control infected computers.

Piriform said in a blog post its parent company Avast discovered the hack affected two products — CCleaner v5.33.6162 and CCleaner Cloud v1.07.3191 — on September 12. The firm has since updated the software.

The company said it worked with law enforcement to shut down the hacker’s server “before any known harm was done.” The breach could let hackers collect computer names, IP addresses, and lists of what software people use, but no sensitive data was collected, it added.

Researchers from security firm Cisco Talos, which detected the hack, call it a “supply chain attack.” Attackers got into the original computer system where the software was built, and those who downloaded would have no way of knowing their computer was compromised

Research indicated the hacker was collecting information, like reconnaissance, about infected computers, according to Talos researcher Craig Williams.

In July, Avast acquired Piriform and said about 130 million people use CCleaner.

“The malware works like a loader,” Williams said. “The bad guy could take any kind of malware he wanted, like ransomware, and push that down to end users.”

The strategy is similar to the major global NotPetya attack in June that targeted Ukrainian tax software, Williams added. Hackers infected trusted software and people downloaded it without realizing it contained malware.

Piriform advises Windows users to check if they are running compromised versions, delete the app, and install the new safe version.

Copyright 2021 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.

Trademark and Copyright 2021 Cable News Network, Inc., a Time Warner Company. All rights reserved.

Most Read

Top Stories

More Home Page Top Stories