Just this past Monday, Piriform announced in a blog post that their CCleaner software had been released with malware. CCleaner is a program that cleans unwanted junk, including browser histories, off of computers. The software had illegally been tampered with by an outside party to add malware that would take certain information from the affected computers and send it to a server—the information included IP addresses and details about which other software was on the computer. At the time of the blog being posted, Piriform had already gotten the server shut down that was collecting the information and begun the process of further resolving the issue by having the software’s users upgrade to a new version. It seems by the point it was discovered, the malicious software was likely downloaded by 700,000 people—Avast had previously suggested it might have affected 2.2 million.
Now it’s becoming clearer that the people who added the malware weren’t just trying to get random victims’ information. It seems that the attack was an attempt at “industrial espionage.” The malware was working to specifically find computers that would give the attackers access to some well-known companies by searching for some specific domains. Though other companies may have been targeted, some of the companies include Microsoft, Google, Samsung, and Sony. And according to Wired, some of the infected computers actually were part of targeted companies’ networks, which led to even more malware being added to the computers. Out of the main companies initially listed, eight of them were effectively targeted, though it’s not clear yet exactly which ones were affected.
With this news, the situation surrounding CCleaner seems to have gone from bad to worse, moving from a straightforward (but still bad) attack on personal computers to what some are suggesting could be a particularly malicious attempt at spying on major companies. More information is still being uncovered, and it’s a little bit unclear how much damage has really been done. Don’t forget, if you have CCleaner installed on a computer, check now to see if you have an important update waiting.