CCleaner is the world’s most popular PC cleaner, so it is not surprising that it was targeted by hackers who somehow infiltrated the development process of the 5.33 version of CCleaner and placed a backdoor in it. For the purposes of this article, the corrupted CCleaner will henceforth be called Cyber Villains Corrupted Ccleaner 5.33 Version. Cybersecurity experts were quick to notice that the corrupt version and the developer Piriform has since fixed the issue with the release of version 5.33.6163. If you have the 5.33.6162 version, then you should remove it and install an updated version because automatic updates are enabled only on Professional and Professional Plus versions while the Free version is not updated automatically. So if you have the free version in particular, we invite you to read this article.
CCleaner was developed by Piriform, a company that was acquired by Avast on July 18, 2017. CCleaner is probably the most popular PC cleaner in the world, and with good reason, it has many users around the globe. Therefore, it is no surprise that it became a target for hackers. CCleaner was illegally modified during development to include a backdoor component.
It was revealed by Avast that before they have acquired Piriform, hackers were probably in the process of hacking into the Piriform systems. Compromising the systems may have started on July 3. So Piriform was targeted before the acquisition.
Cyber Villains Corrupted Ccleaner 5.33 Version was released on August 15 and went undetected for four weeks. Four weeks is a lot of time to work undetected, so this fact just goes to show how sophisticated the attack was. It was a well-prepared and executed attack but, thankfully, it did not cause any harm to the users of Cyber Villains Corrupted Ccleaner 5.33 Version. After discovering that Piriform systems were compromised, the company and Avast worked together to fix the issue, and within 72 hours of discovery, the issue was resolved.
It has been revealed that two smaller distribution products that include the 32-bit and cloud versions for Windows were compromised. As a result, the number of users affected by this incident was 2.27 million. Still, even though the developers have released an automatic update, there are 730,000 users still using the compromised 5.33.6162 version. Therefore, users should update the compromised version to a newer version. The backdoor that was introduced by the hackers has been disabled on the server side. It has been reported that the developers have taken down the offending server on September 15. As a result, the hackers have lost the ability to deliver the malicious payload. Note that the currently shipping version 5.34 and previous versions did not contain the threat. Analysis has shown that the second stage payload was never activated. So there are no consequences you should be worried about.
The updated version 5.33.6163 is identical to the compromised 5.33.6162 version but does not contain the backdoor. The 5.33.6163 version is a lightweight automatic update that eliminates the threat. But, again, the free version of CCleaner did not receive that update, so you have to update the software manually. CCleaner 5.33 users are set to receive a notification advising them to update the program.
In closing, Cyber Villains Corrupted Ccleaner 5.33 Version is a compromised version of the popular CCleaner that features a backdoor code that was designed to drop a malicious payload. Thankfully, this issue has been resolved as the backdoor has been disabled from the server side. If you have CCleaner on your PC, then you should remove the compromised version by running an update of the program, especially if you use the free version.