It looks like the CCleaner malware was worse than we knew. Just a few days ago, it was revealed that over 2.27 million people had downloaded a version of CCleaner that was injecting malware. CCleaner is a popular performance optimization software that removes the temporary internet files from the Windows operating system and also cleans the malware-like apps.
The utility had been distributing malware to Windows PCs and it has been confirmed by the developer Piriform. We had no idea that the malware hasn’t only targeted the users but it appears that malware was trying to access the internal networks in Microsoft, Google and other tech firms.
Avast confirmed that the attackers targeted companies including Microsoft, Google, D-Link, Intel, Akamai, Sony, Samsung, VMware, Cisco, HTC and Linksys. “At the time the server was taken down, the attack was targeting select large technology and telecommunication companies in Japan, Taiwan, UK, Germany and the US. Given that CCleaner is a consumer-oriented product, this was a typical watering hole attack where the vast majority of users were uninteresting for the attacker, but select ones were,” Avast writes.
Cisco revealed that the hackers have successfully installed the malware on more than 700,000 computers. Cisco has asked everyone who had the 5.33.6162 version of CCleaner or the 1.07.3191 version of CCleaner Cloud installed to restore their systems from backup or perform a clean install. According to the firm, you’ll need to clean up the entire system to be on a safer side as uninstalling the software is of no help.