Alert Over Booby-trapped Security Software

LaptopImage copyright Getty Images
Image caption Users of CCleaner are being urged to upgrade to the latest version

A security company has issued a warning after its software was compromised by malicious hackers.

Piriform told users a booby-trapped version of its CCleaner software had been made available in August and September.

Millions of people use the CCleaner program to remove unwanted junk from Android phones and Windows PCs.

Piriform's owner, Avast, said it had managed to remove the compromised version before any harm had been done.

It appears that it was only the Windows version of CCleaner that was compromised.

Cleaning up

If the malicious hackers who had managed to subvert the software had not been spotted, they could have remotely taken over the devices of the 2.27 million people who had downloaded version 5.33 of the program, said Paul Yung, from Piriform.

Mr Yung said the company had spotted some "suspicious activity" on 12 September that led it to discover version 5.33 had been "illegally modified" before it had been made available to the public.

The modified version was available for about a month.

The modifications made infected machines contact some recently registered web domains - a tactic often used by cyber-thieves who then use this route to install more damaging software on compromised devices.

The impact of the infection had been limited, said Mr Yung, because relatively few people automatically updated the CCleaner software.

Anyone who had downloaded the compromised version of CCleaner was now being moved to the latest uninfected version, he said.

"To the best of our knowledge, we were able to disarm the threat before it was able to do any harm," said Mr Yung.

He apologised for any inconvenience that had been caused and said the company's investigation into the attack was "ongoing".

Separate analysis by Cisco's Talos security group suggests whoever was behind the attack on CCleaner had managed to get access to the server Piriform used to host new versions of the software.

Talos researcher Craig Williams told the Reuters news agency the attack had been "sophisticated" because it had targeted a trusted server and sought to make the booby-trapped version look legitimate.

"There is nothing a user could have noticed," he said.

RECENT NEWS

The Power Of AI: Microsoft's Cloud Sales Reach New Heights

In the ever-evolving landscape of technology, Microsoft has emerged as a frontrunner, leveraging the transformative powe... Read more

Uncovering The Tactics: How Hackers Exploit Developing Countries In Ransomware Testing

In recent years, there has been a concerning rise in hackers using developing countries as testing grounds for ransomwar... Read more

From Silicon Valley To Down Under: Musk's Defense Of Public Interest In The Digital Era

In recent headlines, tech titan Elon Musk has once again captured global attention, this time for his intervention in an... Read more

The Global Semiconductor Landscape: Navigating Through Market Shifts Post Samsung's Earnings Triumph

In the first quarter of 2024, Samsung Electronics announced a staggering 931% surge in operating profits, reaching 6.6 t... Read more

The Balancing Act: Google's Paywalled AI And The Quest For Digital Equity

In an era where artificial intelligence (AI) is no longer the stuff of science fiction but a daily utility, Google's lat... Read more

The Meteoric Rise Of Anthropic: Valuation And The Future Of AI

In an era where artificial intelligence (AI) is not just a buzzword but a cornerstone of technological advancement, Amaz... Read more

We use cookies to give you the best experience possible. By continuing we’ll assume you’re on board with our cookie policy.