Hackers compromised the popular PC optimisation software CCleaner’s free version in August potentially allowing them to control the device of 2.27 million users.
Unidentified hackers illegally modified software version CCleaner 5.33.6162 during its build process. The software was shipped with a malware which starts running as soon as it is installed at the user’s end. The malware was spotted by Morphisec, a computer security company.
The threat has been mitigated and users have been sent notifications to download a fresh version with the malware removed. “Let me say that the threat has now been resolved in the sense that the rogue server is down, other potential servers are out of the control of the attacker, and we’re moving all existing CCleaner v5.33.6162 users to the latest version. Users of CCleaner Cloud version 1.07.3191 have received an automatic update. In other words, to the best of our knowledge, we were able to disarm the threat before it was able to do any harm,” said Paul Yung, VP Products at Piriform which makes CCleaner.
The hackers could collect details about a user’s computer via the malware. The code which was inserted in the build collected: Name of the computer, list of installed software, including Windows updates, list of running processes, MAC addresses of first three network adapters among other things.
The parent company of Piriform, Avast Software refuted the claims that 2 billion users were affected by the breach. “As only two smaller distribution products (the 32-bit and cloud versions, Windows only) were compromised, the actual number of users affected by this incident was 2.27 million. And due to the proactive approach to update as many users as possible, we are now down to 730,000 users still using the affected version (5.33.6162). These users should upgrade even though they are not at risk as the malware has been disabled on the server side,” Vince Steckler, CEO of the company wrote in a blog post.
Avast said that they ‘strongly suspect’ that the breach happened at the time when Piriform was a standalone company. Avast acquired Piriform on July 18, 2017.
[“Source-moneycontrol”]
