CCleaner is a free tool that is meant to optimize system performance on Windows computers and Android devices. This morning, Piriform, the maker of CCleaner, announced that hackers had compromised some versions of the software, unleashing malicious software meant to collect personal data. The number of affected users is thought to be just under 4 million – or about 3 percent of users. The infected versions of the tool are CCleaner 5.33.6162 and CCleaner Cloud 1.07.3191.
The good news is that Piriform found out and reacted quickly to the crisis. Working with law enforcement, it shut down the United States server to which all user information was being sent on September 15, explaining that it had not made the threat known to the public in order not to impede with investigation and potentially spooking the hackers. Once they were satisfied that the threat had been taken care of, they made the information public in a blog post published this morning and that the action was taken “before any known harm was done”. The attacks were noticed by Piriform on September 12, and the infected versions of CCleaner released in August.
While this information is, to say the least, unsettling, Piriform assured its users that their information was now safe, and are urging every affected users who haven’t yet upgraded to the latest version of the software to do so without delay. They also stated that “…and we’re moving all existing CCleaner v5.33.6162 users to the latest version. Users of CCleaner Cloud version 1.07.3191 have received an automatic update.”
It isn’t yet known what the hackers were intending to do with the information – computer names, IP addresses, installed and active software, in short, non-sensitive information. Avast isn’t releasing any information, if it has any, because, as CTO Ondrej Vlcek told Tech Crunch, a law enforcement investigation is currently underway. He believes that the hacker(s) must have used a computer that had been used to create CCleaner to launch the attack, andn that Piriform is moving its entire build environment to a more secure infrastructure that will be provided by Avast. Hopefully, Piriform will be able to ensure that such events do not happen again in the future.