Alert Over Booby-trapped Security Software

LaptopImage copyright Getty Images
Image caption Users of CCleaner are being urged to upgrade to the latest version

A security company has issued a warning after its software was compromised by malicious hackers.

Piriform told users a booby-trapped version of its CCleaner software had been made available in August and September.

Millions of people use the CCleaner program to remove unwanted junk from Android phones and Windows PCs.

Piriform's owner, Avast, said it had managed to remove the compromised version before any harm had been done.

It appears that it was only the Windows version of CCleaner that was compromised.

Cleaning up

If the malicious hackers who had managed to subvert the software had not been spotted, they could have remotely taken over the devices of the 2.27 million people who had downloaded version 5.33 of the program, said Paul Yung, from Piriform.

Mr Yung said the company had spotted some "suspicious activity" on 12 September that led it to discover version 5.33 had been "illegally modified" before it had been made available to the public.

The modified version was available for about a month.

The modifications made infected machines contact some recently registered web domains - a tactic often used by cyber-thieves who then use this route to install more damaging software on compromised devices.

The impact of the infection had been limited, said Mr Yung, because relatively few people automatically updated the CCleaner software.

Anyone who had downloaded the compromised version of CCleaner was now being moved to the latest uninfected version, he said.

"To the best of our knowledge, we were able to disarm the threat before it was able to do any harm," said Mr Yung.

He apologised for any inconvenience that had been caused and said the company's investigation into the attack was "ongoing".

Separate analysis by Cisco's Talos security group suggests whoever was behind the attack on CCleaner had managed to get access to the server Piriform used to host new versions of the software.

Talos researcher Craig Williams told the Reuters news agency the attack had been "sophisticated" because it had targeted a trusted server and sought to make the booby-trapped version look legitimate.

"There is nothing a user could have noticed," he said.

RECENT NEWS

From Chip War To Cloud War: The Next Frontier In Global Tech Competition

The global chip war, characterized by intense competition among nations and corporations for supremacy in semiconductor ... Read more

The High Stakes Of Tech Regulation: Security Risks And Market Dynamics

The influence of tech giants in the global economy continues to grow, raising crucial questions about how to balance sec... Read more

The Tyranny Of Instagram Interiors: Why It's Time To Break Free From Algorithm-Driven Aesthetics

Instagram has become a dominant force in shaping interior design trends, offering a seemingly endless stream of inspirat... Read more

The Data Crunch In AI: Strategies For Sustainability

Exploring solutions to the imminent exhaustion of internet data for AI training.As the artificial intelligence (AI) indu... Read more

Google Abandons Four-Year Effort To Remove Cookies From Chrome Browser

After four years of dedicated effort, Google has decided to abandon its plan to remove third-party cookies from its Chro... Read more

LinkedIn Embraces AI And Gamification To Drive User Engagement And Revenue

In an effort to tackle slowing revenue growth and enhance user engagement, LinkedIn is turning to artificial intelligenc... Read more

We use cookies to give you the best experience possible. By continuing we’ll assume you’re on board with our cookie policy.