CCleaner version 5.33, released on August 15th, has been compromised and contains a malicious backdoor. This was discovered on September 12 by Avast, the new parent company of Piriform, which released CCleaner 5.34 on the same day.
Piriform confirms that the 32-bit version of CCleaner 5.33 was affected and that the compromise could have sent non-sensitive data, such as the computer name, IP address, list of installed software, list of active software and list of network adapters, to a third-party server in the USA.
CCleaner 5.33 compromised
Piriform worked with US law enforcement to shut down the server on the 15th of September. After that, Avast ensured that the download sites no longer serve CCleaner version 5.33.6162, and the company also pushed an update notification to affected users.
Since CCleaner Free doesn’t update itself automatically, you need to update it manually. Before that, uninstall and remove the older version of CCleaner; here is how that can be done.
First, launch CCleaner and check which version you’re using. If you’re using the compromised 32-bit version of CCleaner, follow the instructions below.
Uninstall and remove CCleaner 5.33 completely immediately
1. Visit Control Panel > Programs > Programs and Features
2. Select CCleaner (version 5.33) and uninstall it.
3. We suggest using Revo Uninstaller Free to uninstall CCleaner and remove the leftovers as well.
4. Optional: If you can’t use your computer without CCleaner, download CCleaner 5.44 and install it.
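One way to do the version check from the steps above without opening the application, as an added example that is not from Piriform or Avast: it reads the standard Windows uninstall registry keys (the source of the Programs and Features list) and flags any CCleaner entry at version 5.33. The function names are hypothetical, and it assumes the installer registers a display name beginning with "CCleaner"; it checks the version number only, not whether the build is 32-bit.

```powershell
# Added example: list installed programs named "CCleaner*" and flag release 5.33.
# Assumption: the product registers itself under the standard Uninstall keys,
# which is where Programs and Features gets its list.

function Test-AffectedVersion {
    param([string]$Version)
    # The page names 5.33 (build 5.33.6162) as the compromised release.
    # Match 5.33 as whole components so that 5.330 or 15.33 do not match.
    return $Version -match '^\s*5\.33(\.\d+)*\s*$'
}

function Get-CCleanerInstall {
    # Machine-wide (64-bit and 32-bit views) and per-user uninstall entries.
    $roots = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
    )
    Get-ItemProperty -Path $roots -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like 'CCleaner*' } |
        ForEach-Object {
            [pscustomobject]@{
                Name            = $_.DisplayName
                Version         = $_.DisplayVersion
                Affected        = Test-AffectedVersion $_.DisplayVersion
                InstallLocation = $_.InstallLocation
                UninstallString = $_.UninstallString
            }
        }
}

$found = @(Get-CCleanerInstall)
if ($found.Count -eq 0) {
    Write-Output 'No CCleaner entry found in the uninstall registry keys.'
} else {
    $found | Format-List
    if ($found | Where-Object Affected) {
        Write-Warning 'CCleaner 5.33 is installed: uninstall it as described above.'
    }
}
```

A missing or empty version value is reported as not affected, so confirm such entries by hand in Programs and Features.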
For more information, read this blog post from Piriform.