Popular optimization software CCleaner has been compromised by hackers. The software is a tool used by various entities for optimization purposes on their Windows PC.
In a blog post, the company that manufactures CCleaner notified customers and users about this incident, adding an apology statement.
Piriform's post explains the sequence of events that transpired and how the versions were illegally modified by third parties before it was released to the general public.
The company also mentions the measures it took to protect users-these steps included notifying law enforcement agencies, closing down servers and making the servers that are within reach of the hacker unavailable to them.
The infected version would automatically gather information about a device and send it to a specific IP address after a particular time. If the server is unreachable, the information would be sent to some random addresses based on an algorithm.
What is CCleaner?
The cleaning tool, once downloaded, works by clearing data regarding browser history and cookies, as well as getting rid of unwanted software. From the product's download page, the tool is available in three versions-Free, Professional and Professional Plus.
For those who wish to pay for the cleaning tool, payment options include Visa, Mastercard, AMEX and PayPal.
Each version works in a specific manner. The free version is useful, but can be limited in the breadth of features it offers. And the Pro Plus version is the most effective version, but it comes at a cost.
The Professional version is somehow more preferred, because it has most of the aspects of the Pro Plus version. What's more is that it comes with a 14-day trial version.
More so, the manufactures updated the existing versions and advised those with the earlier version to upgrade to the latest one.
Users who intend not to make a purchase tend to use the Professional option since its free for two weeks and once the 14-day period elapses, one can uninstall the app and then reinstall it.
The essential services offered by the tool are privacy protection, speeding up the device, hardware analysis, automatic updating, defragmentation, junk monitoring and file recovery. Users can choose which package works best for them based on their activities.
CCleaner Vulnerabilities Lead to Hack
Following the hack, the company refused to speculate as to how a malicious code was added to the software before the version of the affected CCleaner was compiled and released.
Various reports indicate that the hack affected more than two million computers explicitly running on the Windows operating system.
According to a report by the Cisco Talos researchers that discovered the hack, the app has two billion downloads and reports an influx of five million new users every week.
These figures illustrate the immense role that optimization tools like CCleaner play in the lives of individuals who engage in various types of online activity.
Following the discovery, a separate comprehensive report by security firm Morphisec was also compiled. This information, along with the Cisco Talos findings, provided the basis for Piriform's statement to customers, supporters and users of the program.
Piriform, along with its CCleaner app, was recently acquired by leading digital security provider Avast.
The company further assured CCleaner users that it will continue to maintain the quality of standards initially offered by the developers.
More so, it will bring together its existing performance optimization tools combined with the newly acquired app to ensure that users are sorted when it comes to PC optimization.
The press release by Avast states the app is used by millions of dedicated users. From the statement, it is evident that the tool is a preference to many.
But it has also been reported that among those who use CCleaner are carders who intend to clear their browsing history and cookies upon undertaking certain operations on their machine.
This is no surprise considering the level of hacking activities that happen on a frequent basis across the globe.
More so, at this point where the digital era is continuing to evolve at an unprecedented rate, more hacks of a higher magnitude are expected to occur in the future.
It is now up to relevant stakeholders in their respective fields to ensure that the users of the platform stay safe. It is also a collective responsibility between the users of a particular software and the developers to ensure that the consumer is indeed safe.
Following this news about the CCleaner vulnerability, all affected persons should uninstall their current version and update to the latest format that has been released by the developers.
Another step users ought to follow to ensure that they are safe is uninstalling other apps that may come from untrusted sources.
Currently, there are countless untrusted apps circulating online whose sole intention is to collect information on unsuspecting users and send that data to the app's developers.
This tactic is not only used by hackers, like the ones who have compromised CCleaner, but it's also employed by governmental intelligence agencies at large.
A good example is a case where the United States Central Intelligence Agency (CIA) developed tools in the form of malware and Trojans which are used to spy on their perceived targets, as revealed in a WikiLeaks dossier.
For people who intend to forgo the importance of antivirus programs, cyber security is an aspect that ought to be given top priority especially when they are frequent users of the internet.
Through downloading apps and clicking on untrusted links that are sent to your email, your device can easily be infected with malware in an instant. What's more, some viruses in will enter your device only to leave no trace of their existence.
They operate in a very discrete manner, and a person cannot know what is happening. A perfect example can be seen in a recent scenario wherein data from Android devices was being sent to Chinese servers without users' knowledge of such.
There are more similar cases within this vein of cyber attacks, but the bottom line is that it's the responsibility of an individual to ensure that their devices and software are up to date with the latest updated versions to keep hackers at bay.
Disclaimer:
You need to enable JavaScript to vote