Hackers have penetrated the popular, free Windows Optimization software CCLeaner with a malicious code that allows the hacker to take control of devices.
Piriform, the developer of the program revealed this on Monday, it however sought to calm users of the software who might be inclined to panic.
"We resolved this quickly and believe no harm was done to any of our users," the company assured in a statement.
This hack shows that even software updates from trusted brands can be bad news. It's also ironic, because one of the best ways to keep your devices safe from hackers is to keep your software up to date. Usually.
The hackers were able to infiltrate the CCleaner program and insert malicious code at some point while Piriform software developers were creating the new version of the program. As a result, the code was signed by a digital certificate meant to guarantee it came from a legitimate CCleaner software developer. For regular users of CCleaner, there was no reason to distrust the software update that contained the bad code.
Avast, the Czech Republic-based security software maker that bought Piriform in July, uncovered the CCleaner attack on Tuesday. Two versions of the software released in August were affected, the company said.
Piriform advised people with CCleaner v5.33.6162 or CCleaner Cloud v1.07.3191 installed on their machines to delete them and download new versions as soon as possible. The software doesn't update automatically.
Download an updated malware free version of CCleaner here
The popular freeware is being downloaded as often as 5 million times per week and is used to delete cookies and junk programs to make computers and Android phones run faster.