Popular free PC software CCleaner 'compromised' by malware

Around 2.2 million users downloaded the hacked software before the issue was discovered


A popular PC utility programme has been infected with malware, the company behind the software has revealed.

CCleaner, developed by Piriform, is free software designed to clean up a user's computer and remove unwanted files.

According to Avast - the Internet security firm that recently acquired Piriform - CCleaner has been downloaded more than 2 billion times since its initial release in 2003.

However, more than 2 million recent downloads are said to have been of a 'compromised' version of the popular PC tool.

Piriform's servers are said to have been hacked at some stage this summer, with the malicious version of CCleaner uploaded on August 15.

The hack was not detected for almost a month, with security researchers at Morphisec alerting Avast to the issue last week.

Researchers discovered 'backdoor code' that could have given hackers remote access to a compromised computer. The malicious code, however, is not believed to have been activated.

According to Avast, the hack affected two specific versions of the software - the 32-bit and cloud versions (both Windows only) - which were downloaded around 2.2 million times before the threat was dealt with.

In a statement, Avast said: "We deeply understand the seriousness of the situation, as we do with all security threats. We regret the inconvenience experienced by Piriform’s customers."

The company said it 'accepted responsibility' for the breach, noting that it has implemented several 'actions and precautions' to avoid a repeat of the incident.

Piriform said that it had contacted law enforcement about the matter, adding: "At this stage, we don’t want to speculate how the unauthorized code appeared in the CCleaner software, where the attack originated from, how long it was being prepared and who stood behind it. The investigation is still ongoing."

A majority of affected users are said to have updated their software to a newer version, but around 730,000 others who haven't are being urged to do so - although the companies involved stress that customers aren't at risk as the malware has been disabled on their servers.