Avast Buys CCleaner Then Distributes an Infected, Hacked Version to Users
We’ve cautioned users against trusting their computers to Avast many times. We based this on the number of computers we’ve worked that had Avast installed and that were infected with malware. We written several warnings about Avast, for instance this one that we wrote in 2014.
In July 2017, Avast purchased Piriform – the company that makes CCleaner. By August 15, 2017, Avast started distributing an infected, hacked version of CCleaner that compromised users’ computers, opened a backdoor for the potential installation of more malware, and allowed the compromised computer to send back personal information to the hijackers.
Users of Avast-owned security application CCleaner for Windows have been advised to update their software immediately, after researchers discovered criminal hackers had installed a backdoor in the tool. The tainted application allows for download of further malware, be it ransomware or keyloggers, with fears millions are affected.
The affected app, CCleaner, is a maintenance and file clean-up software run by a subsidiary of anti-virus giant Avast. It has 2 billion downloads and claims to be getting 5 million extra a week, making the threat particularly severe, researchers at Cisco Talos warned. Comparing it to the NotPetya ransomware outbreak, which spread after a Ukrainian accounting app was infected, the researchers discovered the threat on September 13 after CCleaner 5.33 caused Talos systems to flag malicious activity.
Further investigation found the CCleaner download server was hosting the backdoored app as far back as September 11. Talos warned in a blog Monday that the affected version was released on August 15, but on September 12 an untainted version 5.34 was released. For weeks then, the malware was spreading inside supposedly-legitimate security software. If CCleaner’s claims on user numbers, millions are likely affected.
(read more … )
According the information from Cisco Talos, Avast distributed the compromised, hacked version of CCleaner from August 15, 2017 until September 12, 2017. That means that for nearly four weeks, Avast continued to distribute an infected, hacked CCleaner which contained a backdoor Trojan that was capable of downloading malware, keyloggers, ransomware and other malware onto the user’s computer — without the user’s knowledge. Plus, it open a pathway for the user’s confidential information to be sent surreptitiously to clandestine web servers belonging to the hacker.
It’s a sad state of affairs when a security vendor, who inherently has users’ trust, could allow something like this to happen — let alone take almost 4 weeks to discover it. All that time, Avast/Piriform continued to distribute the compromised CCleaner
If Avast can allow something like this to happen to their own servers and software products, then just how well do you think Avast is protecting your computer? This is really a shame; this is all about a compromised security vendor, something that should never have been allowed to happen.
Sometimes free is just too expensive.
Those of you who are using Emsisoft are protected from the effects of the CCleaner hacking. If you’re not using Emsisoft, consider taking advantage of our special offer.
To those using CCleaner, we urge you to consider an alternative, or at the very least, update CCleaner immediately. If you’re looking for an easy cleanup solution, try Windows Disk Cleanup – it comes with every version of Windows – you already have it.
We use and offer Reg Organizer and it’s discounted for Cloudeight subscribers & readers. While it is not free, it is a great tool for cleanup, tweaking, optimizing and more. Reg Organizer 8.0 has new cleanup and privacy features. You can read more about the newest version of Reg Organizer with enhanced cleanup features here.
Several years ago, we made a decision to recommend Emsisoft to our readers. We did not do so lightly. We spent weeks testing many security and anti-virus programs before we decided on Emsisoft. It’s one of the best decisions we’ve ever made. Not only does Emsisoft provide superior protection, the team behind it provides world-class to support to all our mutual customers.
For the last month or so, we’ve been offering Emsisoft, with a one-year license, plus free installation and set-up by Cloudeight – all for less than the retail price. Now, because of of the Avast/Piriform CCleaner hack, we’re including with our Emsisoft offer, a free checkup to make sure your computer has not been affected. We will completely uninstall your current security software, check your PC for malware, check CCleaner, make sure it’s updated, (or remove it at your request) plus and install and configure Emsisoft (including a one-year license)… all for one low price. See this page for more information