CCleaner malware attack worse than initially reported.
The 32-bit installer of CCleaner v5.33 was maliciously modified to install a backdoor that reached out to a remote C2 (Command & Control) server. The backdoor was able to receive commands and download additional malware payloads. The infected version of CCleaner was downloaded over 2 million times.
According to Talos, the malware performed a reverse DNS lookup to resolve the domain of the infected machine. If the domain matched one of 20 predefined domains, a secondary payload was downloaded to the infected machine.
This represents a sophisticated and targeted attack against the organizations behind those domains, presumably to steal intellectual property.