You may have heard the news that the immensely popular CCleaner disk cleanup tool was hacked. Most IT guys (and many consumers) have used CCleaner to free up disk space (combined with the third-party CCEnhancer, it can clean up a lot of extra files that standard window Disk Cleanup won’t get). That being said, if you’re running CCleaner 5.3.3, you are potentially at risk and it is recommended you upgrade (older versions and newer versions are not affected – the 5.3.3 version was available on their site for a month).
If you’re interested, you can find some technical reading material from the folks who originally discovered the malware as well as a write-up from Avast (the company that makes CCleaner).
Thankfully, there’s a bit of an upside: From what we are reading, the hack requires you to have run the 32-bit version of the program to infect your machine (and only on that particular version – any other version appears to have been fine). The 32-bit version gets installed when you download it, but so does a 64-bit version – which is what is run by default on most computers (32-bit operating systems are hard to find, like Windows XP or Windows Vista – Windows 7 is generally 64-bit across the board unless you explicitly ask for it that way). If you did not download, install, or update CCleaner in the last 60 days, you should be fine.
Just the same, you should run a full antivirus and malware scan to be safe, and make sure your backups are up-to-date.
If you need to use a disk cleanup utility, we recommend you use the Windows built-in Disk Cleanup for now and uninstall CCleaner until the dust settles. While it appears the malware writers are largely going after big tech companies, it’s best to be careful. If you think you might have been infected, call us and we can check into it (or for you folks who are wanting to try it yourself – with the disclaimer that you could break something – bleepingcomputer.com has a good write up on detection and cleanup). We will be working with our monitoring tools to see if there is a way to detect computers that either have the affected version of CCleaner or registry remnants showing possible infection.