Business Users - CCleaner v5.33 and CCleaner Cloud v1.07 Security Notification

What type of data was compromised?
As per our September 18th blog post, we were aware at that time that the compromise could cause the transmission of non-sensitive data (computer name, IP address, list of installed software, list of active software, list of network adapters). The server this data was transmitted to was shut down to eliminate risk.

What business users are affected?
All users with the 32-bit version of CCleaner v5.33.6162 and version 1.07.3191 of CCleaner Cloud were affected (if you are using CCleaner Cloud, the 32-bit version runs on 64-bit machines). 
All CCleaner Cloud users have been automatically updated to the latest version and all CCleaner v5.33.6162 users should update to the latest version.
CCleaner Business Edition endpoints can be updated via the in-app auto-update mechanism or using group policy using the installer here. If you are using CCleaner Business edition via an integration with ConnectWise Automate (formerly LabTech or Kaseya), you can update all available clients using the CCleaner plugin.
We recommend you ensure that all endpoints running CCleaner are running the latest version.

I have a 64-bit machine so why is CCleaner still being flagged by antivirus?
CCleaner v5.33.6162 users, please note that the 32-bit and 64-bit versions of CCleaner are packaged as one installer. Most of the antiviruses can recognize the 32-bit version inside the installer and flag the whole installer as malware. 
To resolve this, we recommend all endpoints are running the latest version of CCleaner.

I am using CCleaner Cloud to manage others (I’m an MSP). Does this affect my clients?
We recommend that you ensure all endpoints running CCleaner are updated to the latest version.
As we have gained new insights through our investigation, we can now say that the purpose of the attack was not to attack consumers and their data, but to gain access to corporate networks of select large enterprises. 
Avast have been reaching out individually to the companies known to have been impacted to provide them with technical information and assist them. If your clients are known to have been affected, they will have been contacted directly. 

Do you have file hashes for us to verify we have the official CCleaner v5.35 build?
Yes, here are the MD5 and SHA256 file hashes for each of the CCleaner v5.35 builds.

ccsetup535_be.exe - CCleaner Business Edition Installer
MD5:                    a4764ceac2ea72ce6045367c0e59b6eb
SHA256:               40e18acdda6b3d58665f58231c700a1f15e1dbbcd8f7f56b5e8f94cca115652f

ccsetup535_be.msi - CCleaner Business Edition MSI Installer
MD5:                    f16911c5aaf026e189705f06d9da41ee
SHA256:               7f6c24f459725110d714fa5324cfd7a57afb24245c9cc358b7f2b724a64763d6

ccsetup535_be_trial.exe - CCleaner Business Edition Trial Installer
MD5:                    f545db13ed4833821266f1a740d83bfe
SHA256:               04ff4c729fc93a97688602f83fa4603cb2d0913bdc7538fa7e69b098f4307402

ccsetup535_te.msi - CCleaner Technician Edition Installer
MD5:                    361eed61fa10d30937018fe9ae3e90af
SHA256:               267047a7ab8d45990b72b6268dd6bb645582cc4d1b0fadd7c1a676f22f519450 

What does this compromise mean for affected business users?
Initially, it was unclear whether the compromise was directed at consumers or businesses, or both. As we have gained new insights through our investigation, we can now say that the purpose of the attack was not to attack consumers and their data, but to gain access to corporate networks of select large enterprises. 
Avast have been reaching out individually to the companies known to have been impacted to provide them with technical information and assist them. If you are a business known to have been affected, you will have been contacted.