Over 2 million users recently installed a version of CCleaner that had been hacked and included a trojan virus, according to the software developer.
This isn’t the first time that software that is designed to help and protect computers has contained malicious code It is, however, the first time that a popular tool (used many computer repair companies and technicians) has been successfully targeted. And while the software company has given the all clear, it was recently discovered that the newer (not compromised) version is also affected.
It get’s worse, in addition to the Trojan injected into the code, the infection contains a second payload that hasn't been executed as of yet.
This form of infecting a victim with viruses and malware is being called a “supply chain” attack because it relies on the fact that the person downloading and installing the software trusts the source and the software company.
The truth is, if the end users or the computer techs that they are trusting to remove viruses don’t stay on the cutting edge of technology (and news of this nature), they will end up eventually doing more harm than good due to future attacks like this one.
As cat.man.du enters it’s 15th year helping home PC users and home businesses battle the constant threat from hackers and viruses, we are committed to constantly monitoring the tools and apps that we use to fight malware, spyware and viruses and never become complacent.