Avast Buys CCleaner Then Distributes an Infected, Hacked Version to Users

By | September 18, 2017
Print pagePDF page

Avast Buys CCleaner Then Distributes an Infected, Hacked Version to Users

We’ve cautioned users against trusting their computers to Avast many times. We based this on the number of computers we’ve worked that had Avast installed and that were infected with malware.  We written several warnings about Avast, for instance this one that we wrote in 2014.

In July 2017, Avast purchased Piriform – the company that makes CCleaner. By August 15, 2017, Avast started distributing an infected, hacked version of CCleaner that compromised users’ computers, opened a backdoor for the potential installation of more malware, and allowed the compromised computer to send back personal information to the hijackers.

“Forbes” explains:

Users of Avast-owned security application CCleaner for Windows have been advised to update their software immediately, after researchers discovered criminal hackers had installed a backdoor in the tool. The tainted application allows for download of further malware, be it ransomware or keyloggers, with fears millions are affected.

The affected app, CCleaner, is a maintenance and file clean-up software run by a subsidiary of anti-virus giant Avast. It has 2 billion downloads and claims to be getting 5 million extra a week, making the threat particularly severe, researchers at Cisco Talos warned. Comparing it to the NotPetya ransomware outbreak, which spread after a Ukrainian accounting app was infected, the researchers discovered the threat on September 13 after CCleaner 5.33 caused Talos systems to flag malicious activity.

Further investigation found the CCleaner download server was hosting the backdoored app as far back as September 11. Talos warned in a blog Monday that the affected version was released on August 15, but on September 12 an untainted version 5.34 was released. For weeks then, the malware was spreading inside supposedly-legitimate security software. If CCleaner’s claims on user numbers, millions are likely affected.

(read more … )

According the information from Cisco Talos, Avast distributed the compromised, hacked version of CCleaner from August 15, 2017 until September 12, 2017. That means that for nearly four weeks, Avast continued to distribute an infected, hacked CCleaner which contained a backdoor Trojan that was capable of downloading malware, keyloggers, ransomware and other malware onto the user’s computer — without the user’s knowledge. Plus, it open a pathway for the user’s confidential information to be sent surreptitiously to clandestine web servers belonging to the hacker.

It’s a sad state of affairs when a security vendor, who inherently has users’ trust, could allow something like this to happen — let alone take almost 4 weeks to discover it. All that time, Avast/Piriform  continued to distribute the compromised CCleaner

If Avast can allow something like this to happen to their own servers and software products, then just how well do you think Avast is protecting your computer?  This is really a shame;  this is all about a compromised security vendor, something that should never have been allowed to happen.

Sometimes free is just too expensive.

Those of you who are using Emsisoft are protected from the effects of the CCleaner hacking. If you’re not using Emsisoft, consider taking advantage of our special offer.

To those using CCleaner, we urge you to consider an alternative, or at the very least, update CCleaner immediately. If you’re looking for an easy cleanup solution,  try Windows Disk Cleanup – it comes with every version of Windows – you already have it.

We use and offer Reg Organizer and it’s discounted for Cloudeight subscribers & readers. While it is not free, it is a great tool for cleanup, tweaking, optimizing and more. Reg Organizer 8.0 has new cleanup and privacy features. You can read more about the newest version of Reg Organizer with enhanced cleanup features here. 


 

Our recommendation of Emsisoft & a Special Offer

No Foolin' Special - Emsisoft with Free Installation

Several years ago, we made a decision to recommend Emsisoft to our readers. We did not do so lightly. We spent weeks testing many security and anti-virus programs before we decided on Emsisoft. It’s one of the best decisions we’ve ever made. Not only does Emsisoft provide superior protection, the team behind it provides world-class to support to all our mutual customers.

For the last month or so, we’ve been offering Emsisoft, with a one-year license, plus free installation and set-up by Cloudeight – all for less than the retail price. Now, because of of the Avast/Piriform CCleaner hack, we’re including with our Emsisoft offer, a free checkup to make sure your computer has not been affected. We will completely uninstall your current security software,  check your PC for malware, check CCleaner, make sure it’s updated, (or remove it at your request) plus and install and configure Emsisoft (including a one-year license)… all for one low price. See this page for more information

 

 

9 thoughts on “Avast Buys CCleaner Then Distributes an Infected, Hacked Version to Users

  1. Joolz

    sir what similar product do you recommend? i love my ccleaner! it’s easy to use, seems to have an effect, or what do i know. do i have to uninstall mine? i downloaded it maybe a year ago, so…is it okay? or would an upgrade affect it? please let me know.

    Reply
    1. infoave Post author

      If you want to keep CCleaner, we recommend that you make sure yours is updated to the current version.

      Reply
      1. infoave Post author

        If you keep it be sure you stay updated on any news of further hacks with Avast, and also, consider the suggested options in our article

        Reply
    2. Barb

      Me too! I’ve used it for years and years and have never had a problem with it. I have really depended on that program. One feature I particularly like is the ability to choose which cookies to save, so it doesn’t delete them all with every cleaning. I also like that CCleaner would give a notification when it thought you might want to know how much junk you had accumulated and then offer to run it. Do you know of a similar program that does that same type of thing? Does Reg Cleaner do the same things, like save cookies and send notifications when time to clean? Thanks!

      Reply
      1. infoave Post author

        Sorry I can’t be of much help. I don’t care about cookies – there are so many more important things to be concerned with. Perhaps someone reading this would know a good replacement (Free) for CCleaner. Although the problem isn’t CCleaner, it’s the company that now owns it.

        Reg Organizer offers a lot of advanced cleaning features including some very nice privacy cleaning options, but like I said, cookies are not very important to me.

        CCleaner had no problems with security until its parent company was purchased by a so-called security company. The real revolt should be coming from the folks using Avast to protect their computers.

        Reply
    3. infoave Post author

      We don’t put too much emphasis on cleaning cookies or temp files. Back in the early days when hard drives were small (would you believe 540 MB when we started was the average size of a hard drive? We thought we were living in really new age when they introduced 2 GB hard drives!). Anyway, back in those days, it was really important to keep every bit of space free or it would affect performance. Now with 1 TB hard drives common, it would be rare for cookies and temp files to interfere with system performance. So we are not good ones to ask. Maybe some of our readers have some suggestions for you.

      Keep in mind the problem isn’t CCleaner, it’s the company that bought them. We can’t believe that AVAST allowed this to happen, but it would be really terrible if it happened again.
      Reg Organizer has some really nice privacy & clean up options built into it. You can also use Windows 10’s Storage Sense to clean up junk files. See this article.

      Otherwise, maybe some kind-hearted readers will have some suggestions for you.

      Reply
      1. Barb

        Because of your many revealing and informative comments over the years about Avast, I have been trying to find a replacement for CCleaner but haven’t read about any that look too promising. I think I was worrying about saving the ‘flash’ cookies and hoping to avoid the hassle when every time I go to a certain website that doesn’t t recognize my computer, they have to send me a code or call me or some such nonsense to verify my identity. This was all but eliminated with CCleaner’s cookie keeper feature. But if I can find a good replacement, I will be happy with using LastPass for remembering my logins and passwords. I did try Reg Organizer a few years back but it expired, so I may try that again. I see you have a special renewal price for it on your website. Thank you!

        Reply
  2. Gina (Georgine) Robertshaw

    OMG…I have been so behind in reading my Cloudeight newsletters for over 3 years now because of 5 surgeries. I have been using Avast based on information you gave many years ago that the free versions of Avast, AVG (and I believe Commodo) were as good as the paid programs out there. For the first time ever, for some reason I recently (and stupidly) purchased a year’s upgraded Avast version rather than the free one. I could kick myself for not keeping up on your newsletters!

    I just purchased your offer for Emisoft and look forward to you installing it for me. I wasted money on Avast, which isn’t good when you’re on a low, fixed income; especially when following your advice and tips never steered me wrong. Technology and companies change almost daily and I now realize I have to stop wasting so much time on Facebook and instead make a solid commitment to reading my InfoAve Premium newsletter EVERY week from now on to keep up with things. Because of my bad spine problems I only have a limited amount of time to be online everyday and I want to use it to keep my laptop in the best possible shape (otherwise I’ll have NO time online because of too many problems with my laptop)! I recently subscribed to your daily tips and thank God I did, and also that I do read them every day. I couldn’t believe it when I read today’s tip about Avast and CCleaner!

    Thank you for all the work you do keeping up on everything computer-related. You do all the work. All we need to do is READ what you learn to keep ourselves safe online and keep our computers running well. And from now on I will be reading faithfully!

    Reply
  3. Vicki-In-Oz

    After being involved with Cloudeight since the beginning with my husband I failr to understand why individuals question the advice given here relating to good programmes which disappear or programmes such as Incredimail which distributed malware and unwanted toolbars, other numerous programmes which spread malware and viruses and recently Avast arises as a ‘freebie’ and bypasses a good deal of spyware and malware, and is nigh impossible to remove as it is buried deep in the registry
    Now we have CCleaner on the quich-buck, snake-oil bandwagon disguised by Avast and Piriform would be aware of the malpractice of spreading computer infections.
    Some ‘freebies’are good programmes, TC & EB advise the truthin newsletters, Piriform have been untrustworthy in the long-gone past, CCleaner itself has never been 100% worthwhile so why not pay for recommended programmes instead of the unkown, even by stating that CCeaner “has been OK for you” so why not trial a highly rated top class programme, see how much junk is found.
    No point having an expensive computer and and cutting corners with protection of same.
    A massive amount of credit is due from the thousands plus computer users who have been continuously steered on a clear path through a ‘minefield of computer junk’ and taught, free of charge, those thousands of novices how to improve their computer use abilities for the past 20 years!.

    Thank You TC & EB

    Reply

Leave a Reply to Joolz Cancel reply

Your email address will not be published. Required fields are marked *