CCleaner needs to clean this mess
CCleaner needs to clean this mess

2.27 Million CCleaner Users Ran Affected Software. Now What?

By Leonardas Marozas

Avast recently announced a backdoor in a popular security application CCleaner. Possibly 2.27 million users were affected by this exploit.

The application was an opening for getting more malware (ransomware or keyloggers) to be deployed to infected computers.

What happened and what’s the impact?

CCleaner 5.33 was affected and available for download since August 15th to September 12th. It’s worth mentioning that only 32bit version was affected and Piriform does not comment on how malicious code got inserted during compilation by the compiler yet. But we should wait for more specific comments on this case.

The more interesting point is that CCleaner was compromised one month after Avast acquired it. Despite the fact that Avast’s Piriform released and pushed security update for CCleaner users, its reputation has taken a big hit. It’s a security product that is compromised while millions of users were using its software, receiving commands from malicious command and control center.

Though Microsoft stated that the company is against the usage of such software as CCleaner and other “cleaners”, CCleaner has grown reputation during years for the speed and accuracy of the improvements done to Microsoft Windows operating systems.

One of the main reasons for the popularity of such apps is that users are not satisfied with native tools, provided by Microsoft.

What should you do if you used CCleaner’s 32-bit 5.33 version?

  • If you were using CCleaner and updated to 32-bit 5.33 version, go to their website and update CCleaner to 5.34 version as soon as possible.
  • You are also urged to change your passwords, possibly enable 2-factor authentication where it is possible.
  • Run antimalware/antispyware solution on your computer to check the current situation.
  • Backup your data for the impact of the compromised software is still not known. Then you can decide if you need to reinstall your operating system or continue using it.