‘Floxif’ Malware - CCleaner Software Hacked!

CCleaner, the computer-optimization software has been compromised by hackers in a way that could have let them control millions of devices. It is used to delete cookies and junk programs to make computers and Android phones run faster.A malware 'Floxif' was implanted in the free software which is downloaded over 5 million times a week. Around 2 million users are currently using the infected software. Piriform, the company manufacturing the same sought to calm consumers who might be inclined to panic. Though 700,000 users still run the infected version of the software, the malicious software has been disabled and risk has been alleviated.The malware gathers information about infected systems and sends it to its C&C server. It collects information such as computer name, IP & MAC addresses, list of installed and running software and processesHackers were able to infiltrate the CCleaner program and insert malicious code at some point while Piriform Software developers were creating a new version of the program. The code was signed by a digital certificate meant to guarantee the legitimacy of the CCleaner software developer.Security software maker Avast bought Piriform in July 2017. The malicious code was uncovered on 12 September 2017. CCleaner v5.33.6162 and CCleaner Cloud v1.07.3191 and released in August were affected. Piriform has advised users with these versions to download the new version of CCleaner 5.34 with an update v 1.07.3214.Avast is investigating the matter. It is unclear as to how the malware breached security systems. It is suspected that the code was added by an insider with access to development or build environments within the organization.It is highly recommended to download the new version with patches and stay safe.