Hackers Hid Backdoor In CCleaner Security App With 2 Billion Downloads — 2.3 Million Infected


September 18th, 2017

Users of Avast-owned security application CCleaner for Windows have been advised to update their software immediately, after researchers discovered criminal hackers had installed a backdoor in the tool.

The tainted application allows further malware, be it ransomware or keyloggers, to be downloaded, amid fears that millions are affected. According to Avast’s own figures, 2.27 million ran the affected software, though the company said users should not panic.

The affected app, CCleaner, is maintenance and file clean-up software run by a subsidiary of anti-virus giant Avast. It has 2 billion downloads and claims to be getting 5 million extra a week, making the threat particularly severe, researchers at Cisco Talos warned. The researchers, who compared it to the NotPetya ransomware outbreak, which spread after a Ukrainian accounting app was infected, discovered the threat on September 13 after CCleaner 5.33 caused Talos systems to flag malicious activity.

Further investigation found the CCleaner download server was hosting the backdoored app as far back as September 11.

The malware would send encrypted information about the infected computer – the name of the computer, installed software and running processes – back to the hackers’ server. The hackers also used what’s known as a domain generation algorithm (DGA)
