CCleaner is a popular cleaning program that is often installed to help clean up a slow PC. It boasts that it “protects your privacy and makes your computer faster and more secure”.
A recent version of CCleaner, version 5.33, had been modified to include malware. Attackers had managed to compromise a server from which users download CCleaner. They were then able to add malware to the setup file and resign it with a legitimate certificate. This helped the malware to bypass any protections users had in place that might have otherwise stopped the installation.
The malware only affects 32-bit systems, and is removed with the latest update of CCleaner.
The malware that is included is known as Floxif. It is a Trojan that allows the attacker to run additional executable files on your PC as well as collect information regarding your PC.
If you are a user of CCleaner it is highly recommend installing the latest version from the Piriform website.