Popular PC application CCleaner is designed to help you free up space, delete unwanted apps and files, and remove invalid Windows Registry entries, among other things. In other words, the utility formerly known as “Crap Cleaner” helps… clean up the crap on your PC.
So it’s kind of troubling to learn that a hacked version was distributed between August 15th and September 12th.
CCleaner is developed by a company called Piriform, which was recently acquired by Avast, a company known for making security software. While Avast is in the business of offering tools that help protect your PC, the company’s software (including CCleaner) is installed on millions of computers, which makes Avast a pretty attractive target for hackers.
What seems to have happened in this case is that someone modified CCleaner 5.33.6162 and CCleaner Cloud version 1.07.3191 for 32-bit Windows computers before those programs were released to the public. So a backdoor was included in those builds when Avast/Piriform released them.
The company was notified on September 12th that data from CCleaner was being sent to an unknown IP address.
It’s not clear at this point how much information has been transmitted, how many machines were infected, or how hackers managed to get their code into the version of CCleaner that was officially served up by Piriform’s servers. The company says it’s still investigating the situation and has notified law enforcement agencies.
Anyway, if you still have CCleaner 5.33 on your computer, now is probably a good time to update (or uninstall) it.