Backdoor in CCleaner App Infects 2.3 Million Users

A security application owned by a leading antivirus company should be quite secure, right? CCleaner, owned by Avast is one such app that many people trust and install on their phones and PCs to enhance their usage experience and privacy. In a shocking update, it was recently spotted that CCleaner has a major backdoor which can potentially affect 2 Billion people with 2.3 Million people reportedly affected.

The backdoor was injected in the app by criminal hackers. This backdoor allows installation of other malicious software into the PCs or phones. This means PCs running the affected version of CCleaner might be vulnerable to keyloggers, ransomware and other similar security threats. We strongly recommend our readers to update their CCleaner app to the latest version.

This security threat was discovered last week on the 13th of September. The app has over 2 Billion downloads already and over 5 Million users are added every day, which makes the it an even bigger threat.

The affected version of CCleaner – v5.33 was released in Mid-August. An update came out on the 12th of September, which means there was about a month in between where the malware had time to spread. Avast has accepted that the app was indeed compromised for a while. However they have now stated that it is safe to use following the update.

“Based on further analysis, we found that the 5.33.6162 version of CCleaner and the 1.07.3191 version of CCleaner Cloud was illegally modified before it was released to the public, and we started an investigation process. The threat has now been resolved in the sense that the rogue server is down, other potential servers are out of the control of the attacker. Users of CCleaner Cloud version 1.07.3191 have received an automatic update. In other words, to the best of our knowledge, we were able to disarm the threat before it was able to do any harm.”

The attack was carried out using Domain Generation Algorithm – which is quite a sophisticated and complex form of a malware attack, indicating that the attackers were quite technologically advanced.

Article written by Kishan Jobanputra

Based out of Rajkot, Kishan is an avid traveler, and a featured travel writer. He also happens to be a major tech enthusiast, and one can almost call him an Apple evangelist. He loves to recommend the brand to people. He is a journalist by profession. Contact him at