Users of Avast-owned security application CCleaner for Windows have been advised to update their software immediately, after researchers discovered criminal hackers had installed a backdoor in the tool. The tainted application allows for download of further malware, be it ransomware or keyloggers, with fears millions are affected. According to Avast's own figures, 2.27 million ran the affected software, though the company said users should not panic.
The affected app, CCleaner, is a maintenance and file clean-up software run by a subsidiary of anti-virus giant Avast. It has 2 billion downloads and claims to be getting 5 million extra a week, making the threat particularly severe, researchers at Cisco Talos warned. Comparing it to the NotPetya ransomware outbreak, which spread after a Ukrainian accounting app was infected, the researchers discovered the threat on September 13 after CCleaner 5.33 caused Talos systems to flag malicious activity.
Further investigation found the CCleaner download server was hosting the backdoored app as far back as September 11. Talos warned in a blog Monday that the affected version was released on August 15, but on September 12 an untainted version 5.34 was released. For weeks then, the malware was spreading inside supposedly-legitimate security software.
https://www.forbes.com/sites/thomasbrewster/2017/09/18/ccleaner-cybersecurity-app-infected-with-backdoor/