Hackers hid malicious code in popular CCleaner software – CNET

Hackers

The free version of CCleaner is downloaded millions of times a week.

Sergei Konkov/Getty

Hackers penetrated computer-optimization software CCleaner in a way that could have let them control millions of devices, Piriform, the company that makes the program, said Monday.

A malicious program was planted inside the popular, free software, which is downloaded as often as 5 million times per week and is used to delete cookies and junk programs to make computers and Android phones run faster.

Piriform said it estimates that 2.27 million people used the infected software, but downplayed any need for panic among consumers.

“We resolved this quickly and believe no harm was done to any of our users,” the company said in a statement.

Avast, the Czech Republic-based security software maker that bought Piriform in July, uncovered the attack on Tuesday. Two versions of the software released in August were affected, the company said.

Piriform advised people with CCleaner v5.33.6162 or CCleaner Cloud v1.07.3191 installed on their machines to delete them and download new versions as soon as possible. The software does not update automatically.

“We are continuing to investigate how this compromise happened, who did it, and why,” Piriform said. “We are working with US law enforcement in their investigation.”

The Smartest Stuff: Innovators are thinking up new ways to make you, and the things around you, smarter.

iHate: CNET looks at how intolerance is taking over the internet.