Hackers have infiltrated the popular utility program CCleaner, using it to deliver malware to two million unsuspecting users.
If you own a PC with a wobbly installation of Windows, you’ve likely used Piriform’s excellent CCleaner to defrag your system at some stage. However, developments took a turn for the worse this week when it emerged that a team of hackers had managed to slip sophisticated malware into the program.
Antivirus provider Avast – which owns Piriform and by extension CCleaner – announced that an estimated 2.27 million customers have downloaded and run an installation of CCleaner that was laced with malware and distributed through a hacked server.
The news is damaging, considering that Avast reports that CCleaner gains five million new users each month and has (at the time of writing) reportedly amassed two billion downloads over its lifetime.
The malware in question was found to carry a ‘multi-stage malware payload’ – meaning that it would be capable of installing ransomware or keyloggers on infected systems on command.
Cisco Talos, whose researchers discovered the threat, wrote in a blog post: “By exploiting the trust relationship between software vendors and the users of their software, attackers can benefit from users’ inherent trust in the files and web servers used to distribute updates… This is a prime example of the extent that attackers are willing to go through in their attempt to distribute malware to organizations and individuals around the world – attackers have shown that they are willing to leverage this trust to distribute malware while remaining undetected.”
Avast has stated that it managed to “disarm the threat before it was able to do any harm”.
What are your thoughts? How can we guard against malware delivered through hacked copies of popular applications? Be sure to let us know your opinion in the comments below!