There is no telling, however, whether the popup won't be used to advertise other Avast products such as Avast antivirus products.ĬCleaner has been in the news recently quite a bit.
REMOVE CCLEANER MALWARE INSTALL
The one downside to this is that you will have to download new versions manually to install them, at least until the July 7 deadline is reached. for example with TinyWall or Windows Firewall Control, it seems that you won't get the advertising popup. If you disallow the program to connect to the Internet.
What you can do is block CCleaner's Internet access. In fact, there is no option at all to prevent this kind of behavior. There is no option in the program to disable the advertising popup. You can open the Summer Sale page directly here.ĬCleaner Professional adds features such as priority customer support, automatic cleaning, and additional cleaning options to the application.
REMOVE CCLEANER MALWARE UPGRADE
It is rather strange that Piriform/Avast would display two different upgrade offers to users of the program. There you find the offer for €12.49 instead of $14.95. The reason why there is a discrepancy is that a click on the "upgrade & save" button opens a page on the CCleaner website. On my system, it displayed a discount of €10 from €24.95 to €14.95 which is less than 50%.
In addition to being installed on more than 2 million systems, the CCleaner malware is dangerous because it can place a backdoor on infected systems that appears legitimate because it is signed with one of Piriform's own digital certificates.There you may notice that the 50% may not have been accurate.
REMOVE CCLEANER MALWARE SOFTWARE
However, enterprises that didn't have the software auto-updated needed to manually remove it from the impacted systems. From the nearly 2.27 million systems that installed the impacted CCleaner, only 40 systems were infected, and most of the systems that installed the impacted CCleaner got an auto-update from Avast that removed the malicious version - showing one perk of auto-updates. Morphisec notified Avast of suspicious connections from CCleaner, prompting an investigation.Īny time an enterprise is notified of an attack that it didn't internally detect, it is a bit concerning, but not surprising. Given that CCleaner is used so widely, it's a target for a watering hole attack.Ī recent watering hole attack was disclosed in detail by Avast Software, Morphisec and Cisco, and it described how an attacker was able to gain access to Piriform Software Ltd.'s software development environment to add malware to the legitimate CCleaner software - Avast acquired Piriform last summer. CCleaner software is usually only installed on a few endpoints in an enterprise, but the organization could lose track of the software. Sometimes, the help desk will use tools to investigate an endpoint that may have been infected with malware, and one of those tools is CCleaner. Some software may be managed by the enterprise, some may be used by the help desk to fix systems, and some may be used by employees without the knowledge or approval of the enterprise IT department. One common security recommendation is to know what software or systems your enterprise is using so that you know what needs to be secured. Software and supply chain security are critical parts of an enterprise's information security program.