Recently, strange news surfaced about the presence of malware inside CCleaner, a very popular system cleaner. Apparently, the installer packages for CCleaner version 5.33.6162 were infected with malware. This resulted in over two million Windows computers getting infected. According to a clarification blog post from Piriform, this was the result of a security breach in their download servers. What is alarming is that the malware was not bundled as a separate file in the downloaded package; it was present inside the CCleaner binary file itself.
The download servers were infected between August 15th, 2017 and September 12th, 2017. So if you downloaded a fresh copy of CCleaner anytime between these two dates, you might be infected. Another thing to note is that only the 32-bit versions of the setup installers were infected. So if you are using a 64-bit version of Windows and downloaded Piriform CCleaner on it, you are not infected. Even on 32-bit Windows systems, the infected version of CCleaner is 5.33.6162, which you can see after launching CCleaner.
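The two conditions above (a 32-bit binary and version 5.33.6162) can also be checked directly on a copy of the executable. The Python below is an added example, not code from Piriform or from the original post. It assumes the version appears in the PE fixed file version as major 5, minor 33 and last field 6162, and it finds that structure by a signature search. `make_sample` builds constructed test images only.

```python
import struct

# Assumption: "5.33.6162" is stored as major=5, minor=33, last field=6162
# in the executable's VS_FIXEDFILEINFO structure.
AFFECTED = (5, 33, 6162)
MACHINE_NAMES = {0x014C: "x86 (32-bit)", 0x8664: "x64 (64-bit)"}
FIXED_INFO_SIG = struct.pack("<I", 0xFEEF04BD)  # VS_FIXEDFILEINFO signature

def pe_machine(data: bytes) -> int:
    """Return the COFF Machine field of a PE image, or raise ValueError."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (pe_off,) = struct.unpack_from("<I", data, 0x3C)  # e_lfanew
    if pe_off + 6 > len(data) or data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("PE header not found")
    return struct.unpack_from("<H", data, pe_off + 4)[0]

def file_version(data: bytes):
    """Return the 4-part file version from VS_FIXEDFILEINFO, or None."""
    # Shortcut: search for the signature instead of walking the resource tree.
    pos = data.find(FIXED_INFO_SIG)
    if pos < 0 or pos + 16 > len(data):
        return None
    ms, ls = struct.unpack_from("<II", data, pos + 8)  # dwFileVersionMS/LS
    return (ms >> 16, ms & 0xFFFF, ls >> 16, ls & 0xFFFF)

def triage(data: bytes) -> dict:
    """Check one executable image against both conditions from the text."""
    machine = pe_machine(data)
    ver = file_version(data)
    version_hit = ver is not None and (ver[0], ver[1], ver[3]) == AFFECTED
    return {"arch": MACHINE_NAMES.get(machine, hex(machine)), "version": ver,
            "affected": machine == 0x014C and version_hit}

def make_sample(machine: int, ver: tuple) -> bytes:
    """Constructed test image: headers plus a bare VS_FIXEDFILEINFO, no code."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    pe = b"PE\0\0" + struct.pack("<H", machine) + b"\0" * 18
    info = FIXED_INFO_SIG + struct.pack("<I", 0x00010000)
    info += struct.pack("<II", ver[0] << 16 | ver[1], ver[2] << 16 | ver[3])
    return dos + pe + b"\0" * 32 + info

if __name__ == "__main__":
    # Constructed samples: affected build, same build as x64, a different build.
    for m, v in [(0x014C, (5, 33, 0, 6162)), (0x8664, (5, 33, 0, 6162)),
                 (0x014C, (5, 34, 0, 1))]:
        print(triage(make_sample(m, v)))
```

A match only means the file is the affected release and architecture; it is not a malware verdict, and a non-match does not rule out other infections.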
The malware is included in the form of a modified CCleaner binary executable. The instructions inside the modified CCleaner binary did two things: they uploaded collected data to the malware server and ran instructions received from the malware server. The infected CCleaner binary can easily be updated to a safe version by downloading a new version of CCleaner from Piriform and installing it.
But if the malware was able to execute some code on your PC, then further infection by some other malware is also possible. In this case, you should scan your PC with a good antivirus product. Apart from this, you should also consider changing the passwords and password recovery settings for your key accounts, such as online banking, email accounts and Google services accounts. Even though Avast (which now owns Piriform) says that they stopped the threat before it could cause any damage, you should practice some basic safety guidelines: it is always better to be safe than sorry.
Further information about this incident is available at http://www.piriform.com/news/blog/2017/9/18/security-notification-for-ccleaner-v5336162-and-ccleaner-cloud-v1073191-for-32-bit-windows-users.