"A version of CCleaner downloaded in August included remote administration tools that tried to connect to several unregistered web pages, presumably to download additional unauthorized programs, security researchers at Cisco’s Talos unit said. Talos researcher Craig Williams said it was a sophisticated attack because it penetrated an established and trusted supplier in a manner similar to June’s “NotPetya” attack on companies that downloaded infected Ukrainian accounting software." - Cisco "Piriform has confirmed that two programs released in August were compromised. It advised users of CCleaner v5.33.6162 and CCleaner Cloud v1.07.3191 to download new versions. A spokeswoman said that 2.27 million users had downloaded the August version of CCleaner while only 5,000 users had installed the compromised version of CCleaner Cloud. Piriform said that Avast, its new parent company, had uncovered the attacks on Sept. 12. A new, uncompromised version of CCleaner was released the same day and a clean version of CCleaner Cloud was released on Sept. 15, it said....CCleaner does not update automatically, so each person who has installed the problematic version will need to delete it and install a fresh version, he said." Piriform
"A version of CCleaner downloaded in August included remote administration tools that tried to connect to several unregistered web pages, presumably to download additional unauthorized programs, security researchers at Cisco’s Talos unit said.
Talos researcher Craig Williams said it was a sophisticated attack because it penetrated an established and trusted supplier in a manner similar to June’s “NotPetya” attack on companies that downloaded infected Ukrainian accounting software." - Cisco
"Piriform has confirmed that two programs released in August were compromised. It advised users of CCleaner v5.33.6162 and CCleaner Cloud v1.07.3191 to download new versions. A spokeswoman said that 2.27 million users had downloaded the August version of CCleaner while only 5,000 users had installed the compromised version of CCleaner Cloud.
Piriform said that Avast, its new parent company, had uncovered the attacks on Sept. 12. A new, uncompromised version of CCleaner was released the same day and a clean version of CCleaner Cloud was released on Sept. 15, it said....CCleaner does not update automatically, so each person who has installed the problematic version will need to delete it and install a fresh version, he said." Piriform
So, if you have the versions of CCleaner mentioned above on your machine, uninstall them and get the bewest version.
Thanks for the heads up, I.D.
Source:
http://www.reuters.com/article/us-fpc-outlook/fingerprint-cards-hit-by-falling-smartphone-sensor-prices-idUSKCN1BT0XO
Just checked mine. I have version 5.32.0.6129 installed. Good thing I forgot to dl version 5.33 even though I was told it was available. Dumb luck I suppose. Thanks Doc for the heads up.
Sure glad I never upgraded mine, am still using 5.00.
Yes...just check your installed version number.....only the one is a bad egg...
I recently did a clean install of Win 10 and went straight to version 34. Before that I had version 32, so was lucky to have missed the 'buggy' one.
Same with me! I was notified of the update but didn't bother as I had already decided to perform a reformat and a clean install of Windows.
As for dumb luck or prior planning, it was good to have missed version 33, right!
I have the potentially hacked version installed.
Wait is the paid version free of the hack? That's what I have.
I installed an update about 5 minutes ago before I read this post.
Version5.34.6207
I do not remember what my previous version was. Should I completely uninstall ccleaner and start again.
Macca
Hi Aussi,
Installing version 5.34 overwrites the bad dll, so no worries, mate!
I just finished an article about this at: https://davescomputertips.com/how-to-fix-ccleaner-botnet-infection/
Richard
Thanks Richard,
MalwareBytes is already flagging the 533 installer .exe as a trojan. FWIW.
It seems to be the 32-bit version , they say the 64-bit version is OK.
There are many great features available to you once you register, including:
Sign in or Create Account
