3aIT Blog

CCleanerIt has recently been discovered that the installer for CCleaner, a very popular program for automatically tidying and freeing up space on a PC, was hijacked for nearly a month in such a way that everyone that installed it was infected with a trojan.

Estimates suggest that over 2 million people downloaded the program during the period it was infected. This began on August 15th and ended on September 12th. Anyone that grabbed a new version or updated their existing version during this time will have been affected.

This incident was discovered by Cisco Talos. They notified Avast (current owners of the CCleaner program) on September 13th. Avast immediately took steps to remove the affected installer at this point.

The suspect version of the app has a version number of 5.33. Anyone that installed this will have also installed a trojan that is capable of spying on everything the user does online.

Avast have acknowledged the problem, and advise anyone with the affected version to upgrade immediately. They suggest the affected users are now safe as they have been able to disarm the threat.

Note - this will only be an issue for those that installed or updated the program within the affected time frame. This will be a small proportion of the millions that have this product installed. Those that had an older (or newer) version installed will not have been affected, even if they used the app during this time frame.