It’s bad enough when a piece of security software installed on nearly three quarters of a million PCs turns out to be corrupted. It’s even worse when it appears that this may be a backdoor through which hackers can and have released malware into the affected systems. To find that the attacker(s) in question is probably not just some half-baked cybercrook, but could in fact be a state-sponsored Chinese spying operation makes matters even worse.
The software in question is CCleaner, a security product from Czech-based company Avast, whose security checks failed to spot the backdoor. Being a very popular application, CCleaner has been installed on over 700,000 computers – and the hackers have tried to use it to penetrate the networks of twenty major tech companies; among them Intel, Google, Microsoft, Samsung, Sony and Cisco.
Any company affected must face the fact that simply deleting the application may not guard against this secondary infection. Researchers suggest that the only safe solution is to restore systems from backups that date back to before they installed CCleaner. As far as bad press goes, this is pretty abysmal.