Author Topic: CCleaner compromised  (Read 3785 times)

0 Members and 1 Guest are viewing this topic.

Offline Maik

  • Administrator
  • Forum Deity
  • *****
  • Posts: 35160
CCleaner compromised
« on: Monday, 18 September, 2017 @ 14:46:46 »
Quote
Security Notification for CCleaner v5.33.6162 and CCleaner Cloud v1.07.3191 for 32-bit Windows users

We recently determined that older versions of our Piriform CCleaner v5.33.6162 and CCleaner Cloud v1.07.3191 had been compromised. We resolved this quickly and believe no harm was done to any of our users. This compromise only affected customers with the 32-bit version of the v5.33.6162 of CCleaner and the v1.07.3191 of CCleaner Cloud. No other Piriform or CCleaner products were affected. We encourage all users of the 32-bit version of CCleaner v5.33.6162 to download v5.34 here: download. We apologize and are taking extra measures to ensure this does not happen again.
http://www.piriform.com/news/release-announcements

Most people are probably using 64-bit version but a good idea to update to latest version, 5.34, if using a previous version.

Offline Maik

  • Administrator
  • Forum Deity
  • *****
  • Posts: 35160
Re: CCleaner compromised
« Reply #1 on: Thursday, 21 September, 2017 @ 15:45:53 »
Now seems this was a targeted attack, so most users aren't of great interest to the malware controllers. Bad news appears to be that it affected 64-bit PCs as well.

Latest from Avast (new owners of CCleaner):

Quote
For consumers, we stand by the recommendation to upgrade CCleaner to the latest version (now 5.35, after we have revoked the signing certificate used to sign the impacted version 5.33) and use a quality antivirus product, such as Avast Antivirus. For corporate users, the decision may be different and will likely depend on corporate IT policies. At this stage, we cannot state that the corporate machines could not be compromised, even though the attack was highly targeted.
https://blog.avast.com/progress-on-ccleaner-investigation