CLOSE

If you use a software tool called CCleaner to keep your Windows PC humming smoothly, keep watching.
Time

SAN FRANCISCO — Hackers that broke into as many as 2.27 million accounts of a computer cleaning program were targeting telecom equipment companies in the United States, Japan, South Korea and Taiwan, security company Avast told USA TODAY Thursday.

The initial breach was reported on Tuesday. Hackers had hidden malware in CCleaner, a popular app that cleans cookies and junk programs from PCs and Android phones to make them run faster. Czech-based Avast bought the London-based firm Piriform, which produces the program, in July.

When Avast looked at the computer logs it was able to recreate after the attack, it found just 23 compromised computers  at eight different companies. The hackers’ program was specifically looking for companies on a list of telecom equipment manufacturers and a few telecommunication companies, attacking many but only infecting a portion, AVAST wrote in a blog posted Thursday night.

There may have been other companies hit as well but Avast couldn’t access the records because the attackers experienced disk troubles and wiped the computer where they stored their stolen data, Avast CEO Vince Steckler told USA TODAY.

In the CCleaner attack, several million computers were infected with malware that had been hidden in the popular PC cleaning software. That malware then sent information back to the hackers about the compromised computers, including their Internet addresses and who had access to them.

When it found a company on its list of telecom providers, it deployed a second piece of malware that allowed the hackers to take over the computer and begin mining it for information. 

This is what’s known as a watering hole attack, “because the lion lays in wait and…