However, Piriform said it had taken action to ensure users of the affected versions of CCleaner were safe by removing them from download sites.
The disk cleaning utility CCleaner has been hijacked by cyber attackers that used the popular software as a vehicle for distributing and spreading malware.
The attacker added malware to the 32-bit versions of CCleaner 5.33.6162 and CCleaner Cloud 1.07.3191. The company said it has already forced updates of the affected version and in its own words was "able to disarm the threat before it was able to do any harm". In that attack, which crippled thousands of business machines worldwide, wiper malware was distributed via legitimate tax accounting software from a Ukrainian company called M.E.Doc.
The maliciously modified version of the tool was available for download until September 12. However, there are a few factors that limited the number of infections, one of which is that for users of the free version of CCleaner, updates are not automatic.
"In analyzing DNS-based telemetry data related to this attack, Talos identified a significant number of systems making DNS requests attempting to resolve the domains associated with the aforementioned DGA domains".
That means this malicious code had the potential to reach more than 20 million users in the period of time the bad version of CCleaner were available for download.
Also, it appears the malware simply collected information about the computers it was uploaded on; while Floxif can download and execute other forms of malware, Avast, CCleaner's distributor, hasn't found evidence it did so. No malicious software has been found in CCleaner 5.34, which was released on September 13. The first clean version of CCleaner that users should now be using are Version 5.34 and 1.07.3214 respectively. "Attackers have shown that they are willing to leverage this trust to distribute malware while remaining undetected", the blog post said.
Piriform, the software's developer, has since issued an apology for the exploit affecting so many of its customers.
"At this stage, we don't want to speculate how the unauthorised code appeared in the CCleaner software, where the attack originated from, how long it was being prepared and who stood behind it", Piriform wrote on its blog.
Piriform and Avast continue the investigation in order to find out how this compromise happened, who did it, and the hackers' ultimate goal. Even if you are not sure you downloaded the software or updated it in given time frame, you should update it to the latest version to avoid any issue.
Pakistan look to seal Independence Cup against World XI
The World XI opened their chase strongly, with a 47-run opening partnership between Bangladesh's Tamim Iqbal and Amla. But Perera took charge in the last five overs as he cut loose against Pakistan seamers Shoaib Malik and Rumman Raees.
Gas prices drop 15 cents, highest in UP
The national average increased 27.9 cents per gallon during the last month and was 40.4 centers per gallon higher than past year . Energy Department, six Gulf Coast refineries are operating at reduced rates, which is one more refinery than last week.
HURRICANE WARNING for some of Northeast Florida
As per reports from the weather forecast, officials have announced an alarming situation for the United States. According to the latest forecast, the SC coast is now less likely to take a direct hit from Hurricane Irma .
Singapore F1 Grand Prix 2017
Singapore will host a grand prix until at least 2021 after signing a new contract with Formula 1. He is now sixth in the point standings and been retired in six different races this year.
Every product from Fenty Beauty
And it wasn't mere talk; the collection is indeed for all women as it caters to different skin tones. The Fenty Beauty Match Stix serve three different purposes: to hide , contour and highlight.